kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   a904a7fc170b2095143dbb1070f5939cf48a453b
  2.   patches.kabi
  3.   kabi-move-sysctl_tcp_min_snd_mss-to-preserve-struct-.patch
Blob Blame History Raw 
From: Michal Kubecek <mkubecek@suse.cz>
Date: Sat, 8 Jun 2019 12:30:13 +0200
Subject: kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout
Patch-mainline: Never, kabi workaround
References: bsc#1137586 CVE-2019-11479

Patch patches.fixes/tcp-add-tcp_min_snd_mss-sysctl.patch adds new member
sysctl_tcp_min_snd_mss into struct netns_ipv4 which is embedded into struct
net so that the patch changes its layout in an incompatible way. Move it to
the end of struct net.

This is safe as struct net is always allocated by in-tree helper and is
never embedded in another structure or used as an array element.

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
---
 include/net/net_namespace.h | 3 +++
 include/net/netns/ipv4.h    | 1 -
 net/ipv4/sysctl_net_ipv4.c  | 2 +-
 net/ipv4/tcp_ipv4.c         | 2 +-
 net/ipv4/tcp_output.c       | 2 +-
 net/ipv4/tcp_timer.c        | 2 +-
 6 files changed, 7 insertions(+), 5 deletions(-)

--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -149,6 +149,9 @@ struct net {
 #endif
 	struct sock		*diag_nlsk;
 	atomic_t		fnhe_genid;
+#ifndef __GENKSYMS__
+	int sysctl_tcp_min_snd_mss;
+#endif
 };
 
 #include <linux/seq_file_net.h>
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -105,7 +105,6 @@ struct netns_ipv4 {
 #endif
 	int sysctl_tcp_mtu_probing;
 	int sysctl_tcp_base_mss;
-	int sysctl_tcp_min_snd_mss;
 	int sysctl_tcp_probe_threshold;
 	u32 sysctl_tcp_probe_interval;
 
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -942,7 +942,7 @@ static struct ctl_table ipv4_net_table[] = {
 	},
 	{
 		.procname	= "tcp_min_snd_mss",
-		.data		= &init_net.ipv4.sysctl_tcp_min_snd_mss,
+		.data		= &init_net.sysctl_tcp_min_snd_mss,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
 		.proc_handler	= proc_dointvec_minmax,
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2423,7 +2423,7 @@ static int __net_init tcp_sk_init(struct net *net)
 	net->ipv4.sysctl_tcp_ecn_fallback = 1;
 
 	net->ipv4.sysctl_tcp_base_mss = TCP_BASE_MSS;
-	net->ipv4.sysctl_tcp_min_snd_mss = TCP_MIN_SND_MSS;
+	net->sysctl_tcp_min_snd_mss = TCP_MIN_SND_MSS;
 	net->ipv4.sysctl_tcp_probe_threshold = TCP_PROBE_THRESHOLD;
 	net->ipv4.sysctl_tcp_probe_interval = TCP_PROBE_INTERVAL;
 
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -1446,7 +1446,7 @@ static inline int __tcp_mtu_to_mss(struct sock *sk, int pmtu)
 	mss_now -= icsk->icsk_ext_hdr_len;
 
 	/* Then reserve room for full set of TCP options and 8 bytes of data */
-	mss_now = max(mss_now, sock_net(sk)->ipv4.sysctl_tcp_min_snd_mss);
+	mss_now = max(mss_now, sock_net(sk)->sysctl_tcp_min_snd_mss);
 	return mss_now;
 }
 
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -140,7 +140,7 @@ static void tcp_mtu_probing(struct inet_connection_sock *icsk, struct sock *sk)
 			mss = tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low) >> 1;
 			mss = min(net->ipv4.sysctl_tcp_base_mss, mss);
 			mss = max(mss, 68 - tp->tcp_header_len);
-			mss = max(mss, net->ipv4.sysctl_tcp_min_snd_mss);
+			mss = max(mss, net->sysctl_tcp_min_snd_mss);
 			icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, mss);
 			tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
 		}
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.