From: Sasha Levin <sashal@kernel.org>
To: Eric Dumazet <edumazet@google.com>
Cc: Matthieu Baerts <matthieu.baerts@tessares.net>,
stable@vger.kernel.org,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Andrew Prout <aprout@ll.mit.edu>,
Jonathan Lemon <jonathan.lemon@gmail.com>,
Michal Kubecek <mkubecek@suse.cz>,
Neal Cardwell <ncardwell@google.com>,
Yuchung Cheng <ycheng@google.com>,
Christoph Paasch <cpaasch@apple.com>,
Jonathan Looney <jtl@netflix.com>,
"David S . Miller" <davem@davemloft.net>
Subject: Re: [PATCH] tcp: be more careful in tcp_fragment()
Date: Tue, 6 Aug 2019 18:10:20 -0400 [thread overview]
Message-ID: <20190806221020.GO17747@sasha-vm> (raw)
In-Reply-To: <CANn89iL5au7KJQaw9JvMF9Q6-KqA3yMo-vrff33t7ozRZvyPvA@mail.gmail.com>
On Tue, Aug 06, 2019 at 05:25:35PM +0200, Eric Dumazet wrote:
>On Tue, Aug 6, 2019 at 5:09 PM Matthieu Baerts
><matthieu.baerts@tessares.net> wrote:
>>
>> From: Eric Dumazet <edumazet@google.com>
>>
>> commit b617158dc096709d8600c53b6052144d12b89fab upstream.
>>
>> Some applications set tiny SO_SNDBUF values and expect
>> TCP to just work. Recent patches to address CVE-2019-11478
>> broke them in case of losses, since retransmits might
>> be prevented.
>>
>> We should allow these flows to make progress.
>>
>> This patch allows the first and last skb in retransmit queue
>> to be split even if memory limits are hit.
>>
>> It also adds the some room due to the fact that tcp_sendmsg()
>> and tcp_sendpage() might overshoot sk_wmem_queued by about one full
>> TSO skb (64KB size). Note this allowance was already present
>> in stable backports for kernels < 4.15
>>
>> Note for < 4.15 backports :
>> tcp_rtx_queue_tail() will probably look like :
>>
>> static inline struct sk_buff *tcp_rtx_queue_tail(const struct sock *sk)
>> {
>> struct sk_buff *skb = tcp_send_head(sk);
>>
>> return skb ? tcp_write_queue_prev(sk, skb) : tcp_write_queue_tail(sk);
>> }
>>
>> Fixes: f070ef2ac667 ("tcp: tcp_fragment() should apply sane memory limits")
>> Signed-off-by: Eric Dumazet <edumazet@google.com>
>> Reported-by: Andrew Prout <aprout@ll.mit.edu>
>> Tested-by: Andrew Prout <aprout@ll.mit.edu>
>> Tested-by: Jonathan Lemon <jonathan.lemon@gmail.com>
>> Tested-by: Michal Kubecek <mkubecek@suse.cz>
>> Acked-by: Neal Cardwell <ncardwell@google.com>
>> Acked-by: Yuchung Cheng <ycheng@google.com>
>> Acked-by: Christoph Paasch <cpaasch@apple.com>
>> Cc: Jonathan Looney <jtl@netflix.com>
>> Signed-off-by: David S. Miller <davem@davemloft.net>
>> Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
>> ---
>>
>> Notes:
>> Hello,
>>
>> Here is the backport for linux-4.14.y branch simply by implementing
>> functions written by Eric here in the commit message and in this email
>> thread. It might be valid for older versions, I didn't check.
>>
>> In my setup with MPTCP, I had the same bug other had where TCP flows
>> were stalled. The initial fix b6653b3629e5 (tcp: refine memory limit
>> test in tcp_fragment()) from Eric was helping but the backport in
>> < 4.15 was not looking safe: 1bc13903773b (tcp: refine memory limit
>> test in tcp_fragment()).
>>
>> I then decided to test the new fix and it is working fine in my test
>> environment, no stalled TCP flows in a few hours.
>>
>> In this email thread I see that Eric will push a patch for v4.14. I
>> absolutely do not want to add pressure or steal his work but because I
>> have the patch here and it is tested, I was thinking it could be a good
>> idea to share it with others. Feel free to ignore this patch if needed.
>> But if this patch can reduce a tiny bit Eric's workload, I would be
>> very glad if it helps :)
>> Because at the end, it is Eric's work, feel free to change my
>> "Signed-off-by" by "Tested-By" if it is how it work or nothing if you
>> prefer to wait for Eric's patch.
>
>This patch is fine, I was simply on vacation last week, and wanted to
>truly take full advantage of them ;)
Queued for 4.14, 4.9, and 4.4. Thanks all!
--
Thanks,
Sasha
prev parent reply other threads:[~2019-08-06 22:10 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-26 12:38 FAILED: patch "[PATCH] tcp: be more careful in tcp_fragment()" failed to apply to 4.14-stable tree gregkh
2019-07-26 12:45 ` Greg KH
2019-07-26 14:39 ` Eric Dumazet
2019-07-26 14:54 ` Greg KH
2019-08-06 15:09 ` [PATCH] tcp: be more careful in tcp_fragment() Matthieu Baerts
2019-08-06 15:25 ` Eric Dumazet
2019-08-06 22:10 ` Sasha Levin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190806221020.GO17747@sasha-vm \
--to=sashal@kernel.org \
--cc=aprout@ll.mit.edu \
--cc=cpaasch@apple.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=jonathan.lemon@gmail.com \
--cc=jtl@netflix.com \
--cc=matthieu.baerts@tessares.net \
--cc=mkubecek@suse.cz \
--cc=ncardwell@google.com \
--cc=stable@vger.kernel.org \
--cc=ycheng@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).