On Wed, 2017-01-25 at 14:03 -0500, David Miller wrote:
> From: Eric Dumazet
> Date: Wed, 25 Jan 2017 10:38:52 -0800
>
> > Do you think we could change __pskb_pull_tail() right away and fix the
> > few places that would break, or should we add various helpers with extra
>
From: Eric Dumazet
Date: Wed, 25 Jan 2017 10:38:52 -0800
> Do you think we could change __pskb_pull_tail() right away and fix the
> few places that would break, or should we add various helpers with extra
> parameters to take a safe route ?
It should always be safe as
On Wed, 2017-01-25 at 13:17 -0500, David Miller wrote:
> Applied, thanks Eric.
Thanks David.
It looks IPv6 potential big network headers are also a threat :
Various pskb_may_pull() to pull headers might reallocate skb->head,
but skb->truesize is not updated in __pskb_pull_tail()
We probably
From: Eric Dumazet
Date: Tue, 24 Jan 2017 14:57:36 -0800
> From: Eric Dumazet
>
> tcp_add_backlog() can use skb_condense() helper to get better
> gains and less SKB_TRUESIZE() magic. This only happens when socket
> backlog has to be used.
>
> Some
From: Eric Dumazet
tcp_add_backlog() can use skb_condense() helper to get better
gains and less SKB_TRUESIZE() magic. This only happens when socket
backlog has to be used.
Some attacks involve specially crafted out of order tiny TCP packets,
clogging the ofo queue of (many)