* [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
@ 2018-05-02 5:45 ` Xin Long
0 siblings, 0 replies; 8+ messages in thread
From: Xin Long @ 2018-05-02 5:45 UTC (permalink / raw)
To: network dev, linux-sctp; +Cc: davem, Marcelo Ricardo Leitner, Neil Horman
When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
processes auth chunk first, then continues to the next chunk in
this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
Otherwise, it will go to the next packet or discard this chunk.
However, it missed the fact that cookie-ack chunk's size is equal
to chunk_hdr size, which couldn't match that check, and thus this
chunk would not get processed.
This patch fixes it by changing the check to chunk_end + chunk_hdr
size <= skb_tail_pointer().
Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
---
net/sctp/inqueue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sctp/inqueue.c b/net/sctp/inqueue.c
index 23ebc53..eb93ffe 100644
--- a/net/sctp/inqueue.c
+++ b/net/sctp/inqueue.c
@@ -217,7 +217,7 @@ struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
skb_pull(chunk->skb, sizeof(*ch));
chunk->subh.v = NULL; /* Subheader is no longer valid. */
- if (chunk->chunk_end + sizeof(*ch) < skb_tail_pointer(chunk->skb)) {
+ if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
/* This is not a singleton */
chunk->singleton = 0;
} else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
--
2.1.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
@ 2018-05-02 5:45 ` Xin Long
0 siblings, 0 replies; 8+ messages in thread
From: Xin Long @ 2018-05-02 5:45 UTC (permalink / raw)
To: network dev, linux-sctp; +Cc: davem, Marcelo Ricardo Leitner, Neil Horman
When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
processes auth chunk first, then continues to the next chunk in
this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
Otherwise, it will go to the next packet or discard this chunk.
However, it missed the fact that cookie-ack chunk's size is equal
to chunk_hdr size, which couldn't match that check, and thus this
chunk would not get processed.
This patch fixes it by changing the check to chunk_end + chunk_hdr
size <= skb_tail_pointer().
Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
---
net/sctp/inqueue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sctp/inqueue.c b/net/sctp/inqueue.c
index 23ebc53..eb93ffe 100644
--- a/net/sctp/inqueue.c
+++ b/net/sctp/inqueue.c
@@ -217,7 +217,7 @@ struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
skb_pull(chunk->skb, sizeof(*ch));
chunk->subh.v = NULL; /* Subheader is no longer valid. */
- if (chunk->chunk_end + sizeof(*ch) < skb_tail_pointer(chunk->skb)) {
+ if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
/* This is not a singleton */
chunk->singleton = 0;
} else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
--
2.1.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
2018-05-02 5:45 ` Xin Long
@ 2018-05-02 11:47 ` Neil Horman
-1 siblings, 0 replies; 8+ messages in thread
From: Neil Horman @ 2018-05-02 11:47 UTC (permalink / raw)
To: Xin Long; +Cc: network dev, linux-sctp, davem, Marcelo Ricardo Leitner
On Wed, May 02, 2018 at 01:45:12PM +0800, Xin Long wrote:
> When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
> processes auth chunk first, then continues to the next chunk in
> this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
> Otherwise, it will go to the next packet or discard this chunk.
>
> However, it missed the fact that cookie-ack chunk's size is equal
> to chunk_hdr size, which couldn't match that check, and thus this
> chunk would not get processed.
>
> This patch fixes it by changing the check to chunk_end + chunk_hdr
> size <= skb_tail_pointer().
>
> Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
> ---
> net/sctp/inqueue.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/sctp/inqueue.c b/net/sctp/inqueue.c
> index 23ebc53..eb93ffe 100644
> --- a/net/sctp/inqueue.c
> +++ b/net/sctp/inqueue.c
> @@ -217,7 +217,7 @@ struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
> skb_pull(chunk->skb, sizeof(*ch));
> chunk->subh.v = NULL; /* Subheader is no longer valid. */
>
> - if (chunk->chunk_end + sizeof(*ch) < skb_tail_pointer(chunk->skb)) {
> + if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
> /* This is not a singleton */
> chunk->singleton = 0;
> } else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
> --
> 2.1.0
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
@ 2018-05-02 11:47 ` Neil Horman
0 siblings, 0 replies; 8+ messages in thread
From: Neil Horman @ 2018-05-02 11:47 UTC (permalink / raw)
To: Xin Long; +Cc: network dev, linux-sctp, davem, Marcelo Ricardo Leitner
On Wed, May 02, 2018 at 01:45:12PM +0800, Xin Long wrote:
> When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
> processes auth chunk first, then continues to the next chunk in
> this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
> Otherwise, it will go to the next packet or discard this chunk.
>
> However, it missed the fact that cookie-ack chunk's size is equal
> to chunk_hdr size, which couldn't match that check, and thus this
> chunk would not get processed.
>
> This patch fixes it by changing the check to chunk_end + chunk_hdr
> size <= skb_tail_pointer().
>
> Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
> ---
> net/sctp/inqueue.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/sctp/inqueue.c b/net/sctp/inqueue.c
> index 23ebc53..eb93ffe 100644
> --- a/net/sctp/inqueue.c
> +++ b/net/sctp/inqueue.c
> @@ -217,7 +217,7 @@ struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
> skb_pull(chunk->skb, sizeof(*ch));
> chunk->subh.v = NULL; /* Subheader is no longer valid. */
>
> - if (chunk->chunk_end + sizeof(*ch) < skb_tail_pointer(chunk->skb)) {
> + if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
> /* This is not a singleton */
> chunk->singleton = 0;
> } else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
> --
> 2.1.0
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
2018-05-02 5:45 ` Xin Long
@ 2018-05-02 12:04 ` Marcelo Ricardo Leitner
-1 siblings, 0 replies; 8+ messages in thread
From: Marcelo Ricardo Leitner @ 2018-05-02 12:04 UTC (permalink / raw)
To: Xin Long; +Cc: network dev, linux-sctp, davem, Neil Horman
On Wed, May 02, 2018 at 01:45:12PM +0800, Xin Long wrote:
> When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
> processes auth chunk first, then continues to the next chunk in
> this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
> Otherwise, it will go to the next packet or discard this chunk.
>
> However, it missed the fact that cookie-ack chunk's size is equal
> to chunk_hdr size, which couldn't match that check, and thus this
> chunk would not get processed.
>
> This patch fixes it by changing the check to chunk_end + chunk_hdr
> size <= skb_tail_pointer().
>
> Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
> ---
> net/sctp/inqueue.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/sctp/inqueue.c b/net/sctp/inqueue.c
> index 23ebc53..eb93ffe 100644
> --- a/net/sctp/inqueue.c
> +++ b/net/sctp/inqueue.c
> @@ -217,7 +217,7 @@ struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
> skb_pull(chunk->skb, sizeof(*ch));
> chunk->subh.v = NULL; /* Subheader is no longer valid. */
>
> - if (chunk->chunk_end + sizeof(*ch) < skb_tail_pointer(chunk->skb)) {
> + if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
> /* This is not a singleton */
> chunk->singleton = 0;
> } else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
> --
> 2.1.0
>
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
@ 2018-05-02 12:04 ` Marcelo Ricardo Leitner
0 siblings, 0 replies; 8+ messages in thread
From: Marcelo Ricardo Leitner @ 2018-05-02 12:04 UTC (permalink / raw)
To: Xin Long; +Cc: network dev, linux-sctp, davem, Neil Horman
On Wed, May 02, 2018 at 01:45:12PM +0800, Xin Long wrote:
> When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
> processes auth chunk first, then continues to the next chunk in
> this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
> Otherwise, it will go to the next packet or discard this chunk.
>
> However, it missed the fact that cookie-ack chunk's size is equal
> to chunk_hdr size, which couldn't match that check, and thus this
> chunk would not get processed.
>
> This patch fixes it by changing the check to chunk_end + chunk_hdr
> size <= skb_tail_pointer().
>
> Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
> ---
> net/sctp/inqueue.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/sctp/inqueue.c b/net/sctp/inqueue.c
> index 23ebc53..eb93ffe 100644
> --- a/net/sctp/inqueue.c
> +++ b/net/sctp/inqueue.c
> @@ -217,7 +217,7 @@ struct sctp_chunk *sctp_inq_pop(struct sctp_inq *queue)
> skb_pull(chunk->skb, sizeof(*ch));
> chunk->subh.v = NULL; /* Subheader is no longer valid. */
>
> - if (chunk->chunk_end + sizeof(*ch) < skb_tail_pointer(chunk->skb)) {
> + if (chunk->chunk_end + sizeof(*ch) <= skb_tail_pointer(chunk->skb)) {
> /* This is not a singleton */
> chunk->singleton = 0;
> } else if (chunk->chunk_end > skb_tail_pointer(chunk->skb)) {
> --
> 2.1.0
>
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
2018-05-02 5:45 ` Xin Long
@ 2018-05-02 15:16 ` David Miller
-1 siblings, 0 replies; 8+ messages in thread
From: David Miller @ 2018-05-02 15:16 UTC (permalink / raw)
To: lucien.xin; +Cc: netdev, linux-sctp, marcelo.leitner, nhorman
From: Xin Long <lucien.xin@gmail.com>
Date: Wed, 2 May 2018 13:45:12 +0800
> When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
> processes auth chunk first, then continues to the next chunk in
> this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
> Otherwise, it will go to the next packet or discard this chunk.
>
> However, it missed the fact that cookie-ack chunk's size is equal
> to chunk_hdr size, which couldn't match that check, and thus this
> chunk would not get processed.
>
> This patch fixes it by changing the check to chunk_end + chunk_hdr
> size <= skb_tail_pointer().
>
> Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
Applied and queued up for -stable.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed
@ 2018-05-02 15:16 ` David Miller
0 siblings, 0 replies; 8+ messages in thread
From: David Miller @ 2018-05-02 15:16 UTC (permalink / raw)
To: lucien.xin; +Cc: netdev, linux-sctp, marcelo.leitner, nhorman
From: Xin Long <lucien.xin@gmail.com>
Date: Wed, 2 May 2018 13:45:12 +0800
> When auth is enabled for cookie-ack chunk, in sctp_inq_pop, sctp
> processes auth chunk first, then continues to the next chunk in
> this packet if chunk_end + chunk_hdr size < skb_tail_pointer().
> Otherwise, it will go to the next packet or discard this chunk.
>
> However, it missed the fact that cookie-ack chunk's size is equal
> to chunk_hdr size, which couldn't match that check, and thus this
> chunk would not get processed.
>
> This patch fixes it by changing the check to chunk_end + chunk_hdr
> size <= skb_tail_pointer().
>
> Fixes: 26b87c788100 ("net: sctp: fix remote memory pressure from excessive queueing")
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
Applied and queued up for -stable.
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2018-05-02 15:16 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-05-02 5:45 [PATCH net] sctp: fix the issue that the cookie-ack with auth can't get processed Xin Long
2018-05-02 5:45 ` Xin Long
2018-05-02 11:47 ` Neil Horman
2018-05-02 11:47 ` Neil Horman
2018-05-02 12:04 ` Marcelo Ricardo Leitner
2018-05-02 12:04 ` Marcelo Ricardo Leitner
2018-05-02 15:16 ` David Miller
2018-05-02 15:16 ` David Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.