This is a note to let you know that I've just added the patch titled
tcp: fix MSG_SENDPAGE_NOTLAST logic
to the 3.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
tcp-fix-msg_sendpage_notlast-logic.patch
and it can be found in the queue-3.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 8b19905f4cf882dc5fbc403aa3077b01e33c5b4d Mon Sep 17 00:00:00 2001
From: Eric Dumazet <[email protected]>
Date: Sun, 6 Jan 2013 18:21:49 +0000
Subject: tcp: fix MSG_SENDPAGE_NOTLAST logic
From: Eric Dumazet <[email protected]>
[ Upstream commit ae62ca7b03217be5e74759dc6d7698c95df498b3 ]
commit 35f9c09fe9c72e (tcp: tcp_sendpages() should call tcp_push() once)
added an internal flag : MSG_SENDPAGE_NOTLAST meant to be set on all
frags but the last one for a splice() call.
The condition used to set the flag in pipe_to_sendpage() relied on
splice() user passing the exact number of bytes present in the pipe,
or a smaller one.
But some programs pass an arbitrary high value, and the test fails.
The effect of this bug is a lack of tcp_push() at the end of a
splice(pipe -> socket) call, and possibly very slow or erratic TCP
sessions.
We should both test sd->total_len and fact that another fragment
is in the pipe (pipe->nrbufs > 1)
Many thanks to Willy for providing very clear bug report, bisection
and test programs.
Reported-by: Willy Tarreau <[email protected]>
Bisected-by: Willy Tarreau <[email protected]>
Tested-by: Willy Tarreau <[email protected]>
Signed-off-by: Eric Dumazet <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
fs/splice.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -696,8 +696,10 @@ static int pipe_to_sendpage(struct pipe_
return -EINVAL;
more = (sd->flags & SPLICE_F_MORE) ? MSG_MORE : 0;
- if (sd->len < sd->total_len)
+
+ if (sd->len < sd->total_len && pipe->nrbufs > 1)
more |= MSG_SENDPAGE_NOTLAST;
+
return file->f_op->sendpage(file, buf->page, buf->offset,
sd->len, &pos, more);
}
Patches currently in stable-queue which might be from [email protected] are
queue-3.4/tcp-implement-rfc-5961-4.2.patch
queue-3.4/tcp-implement-rfc-5961-3.2.patch
queue-3.4/tcp-rfc-5961-5.2-blind-data-injection-attack-mitigation.patch
queue-3.4/tcp-refine-syn-handling-in-tcp_validate_incoming.patch
queue-3.4/tcp-tcp_replace_ts_recent-should-not-be-called-from-tcp_validate_incoming.patch
queue-3.4/net-sched-integer-overflow-fix.patch
queue-3.4/tcp-fix-msg_sendpage_notlast-logic.patch
queue-3.4/bonding-bonding-driver-does-not-consider-the-gso_max_size-gso_max_segs-setting-of-slave-devices.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
