mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/core
History
Eric Dumazet 3c77a37787 tcp: fix skb_copy_ubufs() vs BIG TCP 
[ Upstream commit 7e692df393 ]

David Ahern reported crashes in skb_copy_ubufs() caused by TCP tx zerocopy
using hugepages, and skb length bigger than ~68 KB.

skb_copy_ubufs() assumed it could copy all payload using up to
MAX_SKB_FRAGS order-0 pages.

This assumption broke when BIG TCP was able to put up to 512 KB per skb.

We did not hit this bug at Google because we use CONFIG_MAX_SKB_FRAGS=45
and limit gso_max_size to 180000.

A solution is to use higher order pages if needed.

v2: add missing __GFP_COMP, or we leak memory.

Fixes: 7c4e983c4f ("net: allow gso_max_size to exceed 65536")
Reported-by: David Ahern <dsahern@kernel.org>
Link: https://lore.kernel.org/netdev/c70000f6-baa4-4a05-46d0-4b3e0dc1ccc8@gmail.com/T/
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Xin Long <lucien.xin@gmail.com>
Cc: Willem de Bruijn <willemb@google.com>
Cc: Coco Li <lixiaoyan@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-05-17 13:58:44 +02:00
..
Makefile net: skb: export skb drop reaons to user by TRACE_DEFINE_ENUM 2022-09-07 15:28:08 +01:00
bpf_sk_storage.c bpf: return long from bpf_map_ops funcs 2023-05-11 23:11:09 +09:00
datagram.c tcp: TX zerocopy should not sense pfmemalloc status 2022-09-02 12:29:02 +01:00
dev.c rtnetlink: Restore RTM_NEW/DELLINK notification behavior 2023-04-20 12:36:55 +02:00
dev.h net: add new helper unregister_netdevice_many_notify 2022-10-31 18:10:21 -07:00
dev_addr_lists.c net: extract a few internals from netdevice.h 2022-04-07 20:32:09 -07:00
dev_addr_lists_test.c kunit: Use KUNIT_EXPECT_MEMEQ macro 2022-10-27 02:40:14 -06:00
dev_ioctl.c net: dev: Convert sa_data to flexible array in struct sockaddr 2022-10-25 11:44:20 -07:00
devlink.c devlink: Fix netdev notifier chain corruption 2023-02-16 11:53:47 +01:00
drop_monitor.c genetlink: introduce split op representation 2022-11-07 12:30:16 +00:00
dst.c Networking changes for 6.2. 2022-12-13 15:47:48 -08:00
dst_cache.c
failover.c net: failover: use IFF_NO_ADDRCONF flag to prevent ipv6 addrconf 2022-12-12 15:18:25 -08:00
fib_notifier.c
fib_rules.c
filter.c bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state 2023-03-03 11:56:16 +01:00
flow_dissector.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-11-29 13:04:52 -08:00
flow_offload.c net: flow_offload: add support for ARP frame matching 2022-11-14 11:24:16 +00:00
gen_estimator.c treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
gen_stats.c net: Remove the obsolte u64_stats_fetch_*_irq() users (net). 2022-10-28 20:13:54 -07:00
gro.c skb: Do mix page pool and page referenced frags in GRO 2023-01-27 23:21:27 -08:00
gro_cells.c net: drop the weight argument from netif_napi_add 2022-09-28 18:57:14 -07:00
hwbm.c
link_watch.c net: linkwatch: only report IF_OPER_LOWERLAYERDOWN if iflink is actually down 2022-11-16 09:45:00 +00:00
lwt_bpf.c bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook 2022-04-22 17:45:25 +02:00
lwtunnel.c xfrm: lwtunnel: squelch kernel warning in case XFRM encap type is not available 2022-10-12 10:45:51 +02:00
neighbour.c neigh: make sure used and confirmed times are valid 2023-02-06 08:44:31 +00:00
net-procfs.c net: extract a few internals from netdevice.h 2022-04-07 20:32:09 -07:00
net-sysfs.c Driver Core changes for 6.2-rc1 2022-12-16 03:54:54 -08:00
net-sysfs.h
net-traces.c
net_namespace.c net: initialize net->notrefcnt_tracker earlier 2023-02-09 22:49:25 -08:00
netclassid_cgroup.c core: Variable type completion 2022-08-31 09:40:34 +01:00
netevent.c
netpoll.c net: don't let netpoll invoke NAPI if in xmit context 2023-04-13 17:02:38 +02:00
netprio_cgroup.c
of_net.c of: net: export of_get_mac_address_nvmem() 2022-11-29 10:45:53 +01:00
page_pool.c - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
pktgen.c treewide: use get_random_u32_inclusive() when possible 2022-11-18 02:18:02 +01:00
ptp_classifier.c
request_sock.c
rtnetlink.c rtnetlink: Restore RTM_NEW/DELLINK notification behavior 2023-04-20 12:36:55 +02:00
scm.c scm: add user copy checks to put_cmsg() 2023-03-10 09:29:13 +01:00
secure_seq.c tcp: Fix data-races around sysctl knobs related to SYN option. 2022-07-20 10:14:49 +01:00
selftests.c
skbuff.c tcp: fix skb_copy_ubufs() vs BIG TCP 2023-05-17 13:58:44 +02:00
skmsg.c bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes 2022-12-01 01:07:32 +01:00
sock.c net: use indirect calls helpers for sk_exit_memory_pressure() 2023-03-17 08:57:53 +01:00
sock_destructor.h
sock_diag.c net: fix __sock_gen_cookie() 2022-11-21 20:36:30 -08:00
sock_map.c bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap 2023-05-11 23:11:14 +09:00
sock_reuseport.c soreuseport: Fix socket selection for SO_INCOMING_CPU. 2022-10-25 11:35:16 +02:00
stream.c net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). 2023-02-10 19:53:42 -08:00
sysctl_net_core.c net: sysctl: remove unused variable long_max 2022-09-07 15:31:19 +01:00
timestamping.c
tso.c net: tso: inline tso_count_descs() 2022-12-12 15:04:39 -08:00
utils.c net: core: inet[46]_pton strlen len types 2022-11-01 21:14:39 -07:00
xdp.c xdp: improve page_pool xdp_return performance 2022-09-26 11:28:19 -07:00