From: Dan Carpenter <dan.carpenter@oracle•com>
To: stable@vger•kernel.org
Cc: Greg Kroah-Hartman <greg@kroah•com>, Zhu Yi <yi.zhu@intel•com>,
netdev@vger•kernel.org, Eric Dumazet <eric.dumazet@gmail•com>
Subject: [patch 2/8 2.6.32] udp: use limited socket backlog
Date: Sun, 13 Nov 2011 23:17:35 +0300 [thread overview]
Message-ID: <20111113201735.GC1362@elgon.mountain> (raw)
In-Reply-To: <20111113201336.GA1362@elgon.mountain>
I had to make some changes to the first chunk in net/ipv6/udp.c to
make this to apply.
>From 55349790d7cbf0d381873a7ece1dcafcffd4aaa9 Mon Sep 17 00:00:00 2001
From: Zhu Yi <yi.zhu@intel•com>
Date: Thu, 4 Mar 2010 18:01:42 +0000
Subject: [PATCH] udp: use limited socket backlog
Make udp adapt to the limited socket backlog change.
Cc: "David S. Miller" <davem@davemloft•net>
Cc: Alexey Kuznetsov <kuznet@ms2•inr.ac.ru>
Cc: "Pekka Savola (ipv6)" <pekkas@netcore•fi>
Cc: Patrick McHardy <kaber@trash•net>
Signed-off-by: Zhu Yi <yi.zhu@intel•com>
Acked-by: Eric Dumazet <eric.dumazet@gmail•com>
Signed-off-by: David S. Miller <davem@davemloft•net>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle•com>
---
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 0ac8833..2eaeaf1 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -1177,8 +1177,10 @@ int udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
bh_lock_sock(sk);
if (!sock_owned_by_user(sk))
rc = __udp_queue_rcv_skb(sk, skb);
- else
- sk_add_backlog(sk, skb);
+ else if (sk_add_backlog_limited(sk, skb)) {
+ bh_unlock_sock(sk);
+ goto drop;
+ }
bh_unlock_sock(sk);
return rc;
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index ca520d4..4400eb0 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -473,16 +473,19 @@ static int __udp6_lib_mcast_deliver(struct net *net, struct sk_buff *skb,
bh_lock_sock(sk2);
if (!sock_owned_by_user(sk2))
udpv6_queue_rcv_skb(sk2, buff);
- else
- sk_add_backlog(sk2, buff);
+ else if (sk_add_backlog_limited(sk2, buff)) {
+ kfree_skb(buff);
+ bh_unlock_sock(sk2);
+ goto out;
+ }
bh_unlock_sock(sk2);
}
}
bh_lock_sock(sk);
if (!sock_owned_by_user(sk))
udpv6_queue_rcv_skb(sk, skb);
- else
- sk_add_backlog(sk, skb);
+ else if (sk_add_backlog_limited(sk, skb))
+ kfree_skb(skb);
bh_unlock_sock(sk);
out:
spin_unlock(&hslot->lock);
@@ -601,8 +604,12 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable,
bh_lock_sock(sk);
if (!sock_owned_by_user(sk))
udpv6_queue_rcv_skb(sk, skb);
- else
- sk_add_backlog(sk, skb);
+ else if (sk_add_backlog_limited(sk, skb)) {
+ atomic_inc(&sk->sk_drops);
+ bh_unlock_sock(sk);
+ sock_put(sk);
+ goto discard;
+ }
bh_unlock_sock(sk);
sock_put(sk);
return 0;
next prev parent reply other threads:[~2011-11-13 20:17 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-13 20:13 [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large Dan Carpenter
2011-11-13 20:17 ` Dan Carpenter [this message]
2011-11-13 20:18 ` [patch 3/8 2.6.32] x25: use limited socket backlog Dan Carpenter
2011-11-13 20:18 ` [patch 4/8 2.6.32] sctp: " Dan Carpenter
2011-11-13 20:18 ` [patch 5/8 2.6.32] tipc: " Dan Carpenter
2011-11-13 20:19 ` [patch 6/8 2.6.32] tcp: " Dan Carpenter
2011-11-13 20:19 ` [patch 7/8 2.6.32] llc: " Dan Carpenter
2011-11-13 20:19 ` [patch 8/8 2.6.32] net: backlog functions rename Dan Carpenter
2011-11-13 20:58 ` [patch 0/8 2.6.32] CVE-2010-4251: packet backlog can get too large David Miller
2011-11-13 23:29 ` Ben Hutchings
2011-11-14 3:24 ` David Miller
2011-11-14 18:11 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111113201735.GC1362@elgon.mountain \
--to=dan.carpenter@oracle$(echo .)com \
--cc=eric.dumazet@gmail$(echo .)com \
--cc=greg@kroah$(echo .)com \
--cc=netdev@vger$(echo .)kernel.org \
--cc=stable@vger$(echo .)kernel.org \
--cc=yi.zhu@intel$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox