linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>,
	soukjin bae <soukjin.bae@samsung.com>,
	Neal Cardwell <ncardwell@google.com>,
	Soheil Hassas Yeganeh <soheil@google.com>,
	"David S. Miller" <davem@davemloft.net>,
	Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.20 18/32] tcp: tcp_v4_err() should be more careful
Date: Thu, 21 Feb 2019 15:36:06 +0100	[thread overview]
Message-ID: <20190221125251.958223874@linuxfoundation.org> (raw)
In-Reply-To: <20190221125250.855065214@linuxfoundation.org>

4.20-stable review patch.  If anyone has any objections, please let me know.

------------------

[ Upstream commit 2c4cc9712364c051b1de2d175d5fbea6be948ebf ]

ICMP handlers are not very often stressed, we should
make them more resilient to bugs that might surface in
the future.

If there is no packet in retransmit queue, we should
avoid a NULL deref.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: soukjin bae <soukjin.bae@samsung.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/ipv4/tcp_ipv4.c |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -535,14 +535,15 @@ void tcp_v4_err(struct sk_buff *icmp_skb
 		if (sock_owned_by_user(sk))
 			break;
 
+		skb = tcp_rtx_queue_head(sk);
+		if (WARN_ON_ONCE(!skb))
+			break;
+
 		icsk->icsk_backoff--;
 		icsk->icsk_rto = tp->srtt_us ? __tcp_set_rto(tp) :
 					       TCP_TIMEOUT_INIT;
 		icsk->icsk_rto = inet_csk_rto_backoff(icsk, TCP_RTO_MAX);
 
-		skb = tcp_rtx_queue_head(sk);
-		BUG_ON(!skb);
-
 		tcp_mstamp_refresh(tp);
 		delta_us = (u32)(tp->tcp_mstamp - tcp_skb_timestamp_us(skb));
 		remaining = icsk->icsk_rto -



  parent reply	other threads:[~2019-02-21 14:43 UTC|newest]

Thread overview: 39+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-21 14:35 [PATCH 4.20 00/32] 4.20.12-stable review Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 01/32] dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 02/32] net: fix IPv6 prefix route residue Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 03/32] net: ipv4: use a dedicated counter for icmp_v4 redirect packets Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 04/32] vsock: cope with memory allocation failure at socket creation time Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 05/32] vxlan: test dev->flags & IFF_UP before calling netif_rx() Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 06/32] mlxsw: __mlxsw_sp_port_headroom_set(): Fix a use of local variable Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 07/32] net: crypto set sk to NULL when af_alg_release Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 08/32] net: Fix for_each_netdev_feature on Big endian Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 09/32] net: ip6_gre: initialize erspan_ver just for erspan tunnels Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 10/32] net: phy: xgmiitorgmii: Support generic PHY status read Greg Kroah-Hartman
2019-02-21 14:35 ` [PATCH 4.20 11/32] net: stmmac: Fix a race in EEE enable callback Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 12/32] net: stmmac: handle endianness in dwmac4_get_timestamp Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 13/32] net: validate untrusted gso packets without csum offload Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 14/32] sky2: Increase D3 delay again Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 15/32] vhost: correctly check the return value of translate_desc() in log_used() Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 16/32] net: Add header for usage of fls64() Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 17/32] tcp: clear icsk_backoff in tcp_write_queue_purge() Greg Kroah-Hartman
2019-02-21 14:36 ` Greg Kroah-Hartman [this message]
2019-02-21 14:36 ` [PATCH 4.20 19/32] net: netcp: Fix ethss driver probe issue Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 20/32] net: Do not allocate page fragments that are not skb aligned Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 21/32] af_packet: fix raw sockets over 6in4 tunnel Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 22/32] arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 23/32] efi/arm: Revert "Defer persistent reservations until after paging_init()" Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 24/32] PCI: Fix __initdata issue with "pci=disable_acs_redir" parameter Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 25/32] scsi: target/core: Use kmem_cache_free() instead of kfree() Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 26/32] x86_64: increase stack size for KASAN_EXTRA Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 27/32] mmc: meson-gx: fix interrupt name Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 28/32] hwmon: (lm80) Fix missing unlock on error in set_fan_div() Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 29/32] netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 30/32] net/x25: do not hold the cpu too long in x25_new_lci() Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 31/32] mISDN: fix a race in dev_expire_timer() Greg Kroah-Hartman
2019-02-21 14:36 ` [PATCH 4.20 32/32] ax25: fix possible use-after-free Greg Kroah-Hartman
2019-02-22 15:05 ` [PATCH 4.20 00/32] 4.20.12-stable review Naresh Kamboju
2019-02-22 15:40   ` Greg Kroah-Hartman
2019-02-22 23:15 ` shuah
2019-02-23  8:05   ` Greg Kroah-Hartman
2019-02-22 23:32 ` Guenter Roeck
2019-02-23  8:04   ` Greg Kroah-Hartman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190221125251.958223874@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ncardwell@google.com \
    --cc=sashal@kernel.org \
    --cc=soheil@google.com \
    --cc=soukjin.bae@samsung.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).