[openwrt/openwrt] kernel: add missing check for TCP GRO
LEDE Commits
lede-commits at lists.infradead.org
Fri May 3 09:45:57 PDT 2024
nbd pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/a5a941a997c46b125cb76dca7565a688bb2ad899
commit a5a941a997c46b125cb76dca7565a688bb2ad899
Author: Felix Fietkau <nbd at nbd.name>
AuthorDate: Fri May 3 18:44:57 2024 +0200
kernel: add missing check for TCP GRO
Need to check if the skb data buffer is linear up to (and including) the TCP
header.
Fixes: https://github.com/openwrt/openwrt/issues/15359
Signed-off-by: Felix Fietkau <nbd at nbd.name>
---
.../pending-6.1/680-net-add-TCP-fraglist-GRO-support.patch | 9 +++++----
.../pending-6.6/680-net-add-TCP-fraglist-GRO-support.patch | 9 +++++----
2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/target/linux/generic/pending-6.1/680-net-add-TCP-fraglist-GRO-support.patch b/target/linux/generic/pending-6.1/680-net-add-TCP-fraglist-GRO-support.patch
index 841c0de3e1..f52233fe90 100644
--- a/target/linux/generic/pending-6.1/680-net-add-TCP-fraglist-GRO-support.patch
+++ b/target/linux/generic/pending-6.1/680-net-add-TCP-fraglist-GRO-support.patch
@@ -318,7 +318,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
flush = NAPI_GRO_CB(p)->flush;
flush |= (__force int)(flags & TCP_FLAG_CWR);
flush |= (__force int)((flags ^ tcp_flag_word(th2)) &
-@@ -268,6 +350,18 @@ found:
+@@ -268,6 +350,19 @@ found:
flush |= p->decrypted ^ skb->decrypted;
#endif
@@ -326,6 +326,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
+ flush |= (__force int)(flags ^ tcp_flag_word(th2));
+ flush |= skb->ip_summed != p->ip_summed;
+ flush |= skb->csum_level != p->csum_level;
++ flush |= !pskb_may_pull(skb, skb_gro_offset(skb));
+ flush |= NAPI_GRO_CB(p)->count >= 64;
+
+ if (flush || skb_gro_receive_list(p, skb))
@@ -337,7 +338,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
if (flush || skb_gro_receive(p, skb)) {
mss = 1;
goto out_check_final;
-@@ -289,7 +383,6 @@ out_check_final:
+@@ -289,7 +384,6 @@ out_check_final:
if (p && (!NAPI_GRO_CB(skb)->same_flow || flush))
pp = p;
@@ -345,7 +346,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
NAPI_GRO_CB(skb)->flush |= (flush != 0);
return pp;
-@@ -315,18 +408,58 @@ int tcp_gro_complete(struct sk_buff *skb
+@@ -315,18 +409,58 @@ int tcp_gro_complete(struct sk_buff *skb
}
EXPORT_SYMBOL(tcp_gro_complete);
@@ -409,7 +410,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
}
INDIRECT_CALLABLE_SCOPE int tcp4_gro_complete(struct sk_buff *skb, int thoff)
-@@ -334,6 +467,15 @@ INDIRECT_CALLABLE_SCOPE int tcp4_gro_com
+@@ -334,6 +468,15 @@ INDIRECT_CALLABLE_SCOPE int tcp4_gro_com
const struct iphdr *iph = ip_hdr(skb);
struct tcphdr *th = tcp_hdr(skb);
diff --git a/target/linux/generic/pending-6.6/680-net-add-TCP-fraglist-GRO-support.patch b/target/linux/generic/pending-6.6/680-net-add-TCP-fraglist-GRO-support.patch
index 7af7d8830c..cd77626677 100644
--- a/target/linux/generic/pending-6.6/680-net-add-TCP-fraglist-GRO-support.patch
+++ b/target/linux/generic/pending-6.6/680-net-add-TCP-fraglist-GRO-support.patch
@@ -269,7 +269,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
flush = NAPI_GRO_CB(p)->flush;
flush |= (__force int)(flags & TCP_FLAG_CWR);
flush |= (__force int)((flags ^ tcp_flag_word(th2)) &
-@@ -269,6 +351,18 @@ found:
+@@ -269,6 +351,19 @@ found:
flush |= p->decrypted ^ skb->decrypted;
#endif
@@ -277,6 +277,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
+ flush |= (__force int)(flags ^ tcp_flag_word(th2));
+ flush |= skb->ip_summed != p->ip_summed;
+ flush |= skb->csum_level != p->csum_level;
++ flush |= !pskb_may_pull(skb, skb_gro_offset(skb));
+ flush |= NAPI_GRO_CB(p)->count >= 64;
+
+ if (flush || skb_gro_receive_list(p, skb))
@@ -288,7 +289,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
if (flush || skb_gro_receive(p, skb)) {
mss = 1;
goto out_check_final;
-@@ -290,7 +384,6 @@ out_check_final:
+@@ -290,7 +385,6 @@ out_check_final:
if (p && (!NAPI_GRO_CB(skb)->same_flow || flush))
pp = p;
@@ -296,7 +297,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
NAPI_GRO_CB(skb)->flush |= (flush != 0);
return pp;
-@@ -314,18 +407,58 @@ void tcp_gro_complete(struct sk_buff *sk
+@@ -314,18 +408,58 @@ void tcp_gro_complete(struct sk_buff *sk
}
EXPORT_SYMBOL(tcp_gro_complete);
@@ -360,7 +361,7 @@ Signe-off-by: Felix Fietkau <nbd at nbd.name>
}
INDIRECT_CALLABLE_SCOPE int tcp4_gro_complete(struct sk_buff *skb, int thoff)
-@@ -333,6 +466,15 @@ INDIRECT_CALLABLE_SCOPE int tcp4_gro_com
+@@ -333,6 +467,15 @@ INDIRECT_CALLABLE_SCOPE int tcp4_gro_com
const struct iphdr *iph = ip_hdr(skb);
struct tcphdr *th = tcp_hdr(skb);
More information about the lede-commits
mailing list