| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <655edad3-d09a-ea0e-e230-557bdedb712d@gmail.com>
Date: Tue, 26 Feb 2019 08:08:17 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: Stephen Hemminger <stephen@...workplumber.org>,
Sheng Lan <lansheng@...wei.com>
Cc: davem@...emloft.net, netdev@...r.kernel.org,
netem@...ts.linux-foundation.org, xuhanbing@...wei.com,
zhengshaoyu@...wei.com, jiqin.ji@...wei.com,
liuzhiqiang26@...wei.com, yuehaibing@...wei.com
Subject: Re: [PATCH] net: netem: fix skb length BUG_ON in __skb_to_sgvec
On 02/26/2019 07:59 AM, Stephen Hemminger wrote:
>
>
> Maybe the fix is to stop TSO fragment from overwriting by doing something like:
>
> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
> index 730bc44dbad9..5fe91d0224f6 100644
> --- a/net/ipv4/tcp_output.c
> +++ b/net/ipv4/tcp_output.c
> @@ -1856,7 +1856,7 @@ static int tso_fragment(struct sock *sk, enum tcp_queue tcp_queue,
> u8 flags;
>
> /* All of a TSO frame must be composed of paged data. */
> - if (skb->len != skb->data_len)
> + if (skb->len != skb->data_len || skb_cloned(skb))
> return tcp_fragment(sk, tcp_queue, skb, len, mss_now, gfp);
>
> buff = sk_stream_alloc_skb(sk, 0, gfp, true);
>
tso_fragment() is only called with packets that were not yet transmit.
Powered by blists - more mailing lists