On Tue, 16 Jun 2026 at 10:00, Greg KH <[email protected]> wrote:
>
> On Tue, Jun 16, 2026 at 09:52:32AM +0200, Stefano Garzarella wrote:
> > On Tue, Jun 16, 2026 at 10:17:31AM +0530, Greg KH wrote:
> > > On Thu, May 21, 2026 at 03:15:54PM +0200, Stefano Garzarella wrote:
> > > > On Sun, May 17, 2026 at 09:33:06AM -0400, Sasha Levin wrote:
> > > > > > > What's the status of that fix?
> > > > > >
> > > > > > Stefano posted v3 and is working on v4.
> > > > > >
> > > > > > > Should it be reverted elsewhere?
> > > > > >
> > > > > > Donnu. With the change we have no DoS but the socket gets silently
> > > > > > broken. Eric felt given the brokenness is upstream already it's
> > > > > > better
> > > > > > to work on a fix on top, not revert.
> > > > >
> > > > > Dropped from the 6.6, 6.12, 6.18, and 7.0 queues. We'll pick up
> > > > > Stefano's
> > > > > follow-up once it lands upstream.
> > > >
> > > > FYI v4 is now merged in the net tree, so I guess they will land upstream
> > > > soon. I CCed stable on both patches:
> > > >
> > > > a4f0b001782b ("vsock/virtio: reset connection on receiving queue
> > > > overflow")
> > > > c6087c5aaad6 ("vsock/virtio: fix skb overhead accounting to preserve
> > > > full
> > > > buf_alloc")
> > > >
> > > > Both are related, but the second is the main fix of this patch.
> > >
> > > THe second one doesn't apply at all :(
> > >
> >
> > The second one is the fix of the patch originally added to stable queue by
> > this thread, so should be applied on top of it (commit 059b7dbd20a6
> > ("vsock/virtio: fix potential unbounded skb queue")).
> >
> > I'm working on improving memory management, but for now I think it makes
> > sense to backport all three to the stable branches.
> >
> > So, in summary:
> > 059b7dbd20a6 ("vsock/virtio: fix potential unbounded skb queue")
> > a4f0b001782b ("vsock/virtio: reset connection on receiving queue overflow")
> > c6087c5aaad6 ("vsock/virtio: fix skb overhead accounting to preserve full
> > buf_alloc")
>
> Again, this last one fails to apply everywhere :(
Again, c6087c5aaad6 depends on 059b7dbd20a6 (as also indicated by the
Fixes tag in the patch description).
I don't know what you meant with "everywhere", but I just run `git
cherry-pick 059b7dbd20a6 c6087c5aaad6` on linux-6.12.y, linux-6.18.y,
and linux-7.0.y without any issue.
On linux-6.6.y it's failing because we are missing zero-copy support in
AF_VSOCK. So, I guess we didn't backport commit 45ca7e9f0730
("vsock/virtio: fix `rx_bytes` accounting for stream sockets") because
there were conflicts. That patch is needed to apply commit 059b7dbd20a6
("vsock/virtio: fix potential unbounded skb queue") cleanly.
Stefano
