From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Michal Kubecek <mkubecek@suse.cz>
Cc: Takashi Iwai <tiwai@suse.de>,
stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>,
"David S . Miller" <davem@davemloft.net>,
linux-kernel@vger.kernel.org, Jiri Bohac <jbohac@suse.cz>
Subject: Re: [PATCH 4.4.y] tcp: Fix missing range_truesize enlargement in the backport
Date: Thu, 16 Aug 2018 17:16:46 +0200 [thread overview]
Message-ID: <20180816151646.GF10648@kroah.com> (raw)
In-Reply-To: <20180815200230.z6mywup7vfe3hmyo@unicorn.suse.cz>
On Wed, Aug 15, 2018 at 10:02:30PM +0200, Michal Kubecek wrote:
> On Wed, Aug 15, 2018 at 01:11:21PM +0200, Greg Kroah-Hartman wrote:
> > On Wed, Aug 15, 2018 at 11:58:46AM +0200, Takashi Iwai wrote:
> > > The 4.4.y stable backport dc6ae4dffd65 for the upstream commit
> > > 3d4bf93ac120 ("tcp: detect malicious patterns in
> > > tcp_collapse_ofo_queue()") missed a line that enlarges the
> > > range_truesize value, which broke the whole check.
> > >
> > > Fixes: dc6ae4dffd65 ("tcp: detect malicious patterns in tcp_collapse_ofo_queue()")
> > > Signed-off-by: Takashi Iwai <tiwai@suse.de>
> > > ---
> > >
> > > Greg, this is a fix-up specific to 4.4.y stable backport that had a
> > > slightly different form from upstream fix. I haven't looked at the
> > > older trees, but 4.9.y and later took the upstream fix as is, so this
> > > patch isn't needed for them.
> > >
> > > The patch hasn't been tested with the real test case, though; let me
> > > know if the current code is intended. Thanks!
> >
> > Hm, I did the initial backport, and then Eric showed what I got wrong
> > and fixed that up, so being still wrong is not inconceivable at all :)
>
> Takashi's follow-up patch is what makes the backport work the same way
> as the original mainline commit 3d4bf93ac120. Without it, range_truesize
> will be always equal to truesize of first packet in a contiguous range
> so that the condition
>
> range_truesize != head->truesize
>
> will be always false (and there would be no point having range_truesize
> variable at all).
Thanks, I've now queued this up.
greg k-h
prev parent reply other threads:[~2018-08-16 18:16 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-15 9:58 [PATCH 4.4.y] tcp: Fix missing range_truesize enlargement in the backport Takashi Iwai
2018-08-15 11:11 ` Greg Kroah-Hartman
2018-08-15 12:15 ` Takashi Iwai
2018-08-15 20:02 ` Michal Kubecek
2018-08-16 15:16 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180816151646.GF10648@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=jbohac@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=mkubecek@suse.cz \
--cc=stable@vger.kernel.org \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).