mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-16 07:35:14 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Willem de Bruijn 54d4311764 sock: correct sk_wmem_queued accounting on efault in tcp zerocopy 
Syzkaller hits WARN_ON(sk->sk_wmem_queued) in sk_stream_kill_queues
after triggering an EFAULT in __zerocopy_sg_from_iter.

On this error, skb_zerocopy_stream_iter resets the skb to its state
before the operation with __pskb_trim. It cannot kfree_skb like
datagram callers, as the skb may have data from a previous send call.

__pskb_trim calls skb_condense for unowned skbs, which adjusts their
truesize. These tcp skbuffs are owned and their truesize must add up
to sk_wmem_queued. But they match because their skb->sk is NULL until
tcp_transmit_skb.

Temporarily set skb->sk when calling __pskb_trim to signal that the
skbuffs are owned and avoid the skb_condense path.

Fixes: 52267790ef ("sock: add MSG_ZEROCOPY")
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-10-22 01:45:52 +01:00
..
6lowpan
9p net/9p: switch p9_fd_read to kernel_write 2017-09-04 19:05:16 -04:00
802 net: introduce __skb_put_[zero, data, u8] 2017-06-20 13:30:14 -04:00
8021q net: 8021q: skip packets if the vlan is down 2017-10-04 18:16:48 -07:00
appletalk
atm net: atm: make atmdev_ops const 2017-08-09 22:43:50 -07:00
ax25 net, ax25: convert ax25_cb.refcount from atomic_t to refcount_t 2017-07-04 22:35:19 +01:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-08-09 16:28:45 -07:00
bluetooth Revert "Bluetooth: Add option for disabling legacy ioctl interfaces" 2017-09-28 13:20:32 -07:00
bpf
bridge netfilter: ebtables: fix race condition in frame_filter_net_init() 2017-09-29 13:36:06 +02:00
caif net: convert sock.sk_wmem_alloc from atomic_t to refcount_t 2017-07-01 07:39:08 -07:00
can can: af_can: can_pernet_init(): add missing error handling for kzalloc returning NULL 2017-10-19 13:05:54 +02:00
ceph libceph: don't allow bidirectional swap of pg-upmap-items 2017-09-19 20:34:29 +02:00
core sock: correct sk_wmem_queued accounting on efault in tcp zerocopy 2017-10-22 01:45:52 +01:00
dcb rtnetlink: make rtnl_register accept a flags parameter 2017-08-09 16:57:38 -07:00
dccp tcp/dccp: fix ireq->opt races 2017-10-21 01:33:19 +01:00
decnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2017-09-03 17:08:42 -07:00
dns_resolver
dsa net: dsa: Fix network device registration order 2017-09-28 10:12:53 -07:00
ethernet
hsr net/hsr: Check skb_put_padto() return value 2017-08-22 13:40:23 -07:00
ieee802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-05 20:03:35 -07:00
ife
ipv4 udp: make some messages more descriptive 2017-10-21 02:52:35 +01:00
ipv6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2017-10-09 10:39:52 -07:00
ipx net, ipx: convert ipx_route.refcnt from atomic_t to refcount_t 2017-07-04 22:35:17 +01:00
iucv iucv: Convert sk_wmem_alloc accesses to refcount_t. 2017-07-03 02:31:22 -07:00
kcm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
key Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-08-15 20:23:23 -07:00
l2tp l2tp: check ps->sock before running pppol2tp_session_ioctl() 2017-10-14 18:38:56 -07:00
l3mdev
lapb net, lapb: convert lapb_cb.refcnt from atomic_t to refcount_t 2017-07-04 22:35:16 +01:00
llc net, llc: convert llc_sap.refcnt from atomic_t to refcount_t 2017-07-04 22:35:15 +01:00
mac80211 mac80211: accept key reinstall without changing anything 2017-10-16 13:02:03 +02:00
mac802154
mpls rtnetlink: make rtnl_register accept a flags parameter 2017-08-09 16:57:38 -07:00
ncsi net/ncsi: Fix length of GVI response packet 2017-10-21 01:56:38 +01:00
netfilter netfilter: xt_bpf: Fix XT_BPF_MODE_FD_PINNED mode of 'xt_bpf_info_v1' 2017-10-09 15:18:04 +02:00
netlabel
netlink netlink: fix netlink_ack() extack race 2017-10-18 12:22:28 +01:00
netrom net, netrom: convert nr_node.refcount from atomic_t to refcount_t 2017-07-04 22:35:17 +01:00
nfc NFC: Add sockaddr length checks before accessing sa_family in bind handlers 2017-06-23 00:38:31 +02:00
nsh nsh: add GSO support 2017-08-29 15:16:52 -07:00
openvswitch openvswitch: Fix an error handling path in 'ovs_nla_init_match_and_action()' 2017-09-12 20:37:31 -07:00
packet packet: avoid panic in packet_getsockopt() 2017-10-21 01:51:34 +01:00
phonet rtnetlink: make rtnl_register accept a flags parameter 2017-08-09 16:57:38 -07:00
psample
qrtr rtnetlink: make rtnl_register accept a flags parameter 2017-08-09 16:57:38 -07:00
rds rds: Fix incorrect statistics counting 2017-09-07 20:07:13 -07:00
rfkill
rose
rxrpc rxrpc: Make service connection lookup always check for retry 2017-09-05 14:39:17 -07:00
sched net/sched: cls_flower: Set egress_dev mark when calling into the HW driver 2017-10-16 21:18:59 +01:00
sctp sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect 2017-10-20 12:53:45 +01:00
smc net/smc: no close wait in case of process shut down 2017-09-21 15:31:03 -07:00
strparser strparser: initialize all callbacks 2017-08-24 21:57:50 -07:00
sunrpc sunrpc: remove redundant initialization of sock 2017-10-01 18:51:30 -04:00
switchdev net: switchdev: Remove bridge bypass support from switchdev 2017-08-07 14:48:48 -07:00
tipc tipc: Unclone message at secondary destination lookup 2017-10-08 21:13:23 -07:00
tls tls: make tls_sw_free_resources static 2017-09-14 09:55:21 -07:00
unix Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-08-21 17:06:42 -07:00
vmw_vsock hv_sock: add locking in the open/close/release code paths 2017-10-21 02:21:08 +01:00
wimax
wireless nl80211: Define policy for packet pattern attributes 2017-10-04 14:39:21 +02:00
x25 X25: constify null_x25_address 2017-08-03 09:13:51 -07:00
xfrm xfrm: don't call xfrm_policy_cache_flush under xfrm_state_lock 2017-09-28 09:39:05 +02:00
compat.c net: compat: assert the size of cmsg copied in is as expected 2017-09-20 15:36:18 -07:00
Kconfig net: Remove CONFIG_NETFILTER_DEBUG and _ASSERT() macros. 2017-09-04 13:25:20 +02:00
Makefile nsh: add GSO support 2017-08-29 15:16:52 -07:00
socket.c net: fixes for skb_send_sock 2017-08-16 11:27:52 -07:00
sysctl_net.c