RE: [EXTERNAL] [PATCH net-next] net: add missing check for TCP fraglist GRO

From: Suman Ghosh
Date: Tue May 07 2024 - 07:33:57 EST


>----------------------------------------------------------------------
>It turns out that the existing checks do not guarantee that the skb can be
>pulled up to the GRO offset. When using the usb r8152 network driver with
>GRO fraglist, the BUG() in __skb_pull is often triggered.
>Fix the crash by adding the missing check.
>
>Fixes: 8d95dc474f85 ("net: add code for TCP fraglist GRO")
[Suman] Since this is a fix, this should be pushed to "net".
>Signed-off-by: Felix Fietkau <nbd@xxxxxxxx>
>---
> net/ipv4/tcp_offload.c | 1 +
> 1 file changed, 1 insertion(+)
>
>diff --git a/net/ipv4/tcp_offload.c b/net/ipv4/tcp_offload.c index
>c90704befd7b..a71d2e623f0c 100644
>--- a/net/ipv4/tcp_offload.c
>+++ b/net/ipv4/tcp_offload.c
>@@ -353,6 +353,7 @@ struct sk_buff *tcp_gro_receive(struct list_head *head,
>struct sk_buff *skb,
> flush |= (__force int)(flags ^ tcp_flag_word(th2));
> flush |= skb->ip_summed != p->ip_summed;
> flush |= skb->csum_level != p->csum_level;
>+ flush |= !pskb_may_pull(skb, skb_gro_offset(skb));
> flush |= NAPI_GRO_CB(p)->count >= 64;
>
> if (flush || skb_gro_receive_list(p, skb))
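
Review bot: the added `flush |= !pskb_may_pull(skb, skb_gro_offset(skb));` is the only line in this run of flush checks with a side effect, and nothing in the hunk says so. pskb_may_pull() can reallocate the skb head when it has to pull data in from fragments, so any pointer into the skb headers taken earlier in tcp_gro_receive() should not be dereferenced after this line. Please confirm that holds or add a short comment. The call also runs when flush is already non-zero from the comparisons above it, so moving it to the end of the checks or guarding it with `if (!flush)` would avoid pulling a packet that is going to be flushed anyway. A one-line comment stating that the skb must be pullable up to the GRO offset before skb_gro_receive_list() is called would record why the check is here, since the commit message links the crash to the BUG() in __skb_pull.
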
>--
>2.44.0
>