Received: by 2002:ac0:a679:0:0:0:0:0 with SMTP id p54csp551844imp; Thu, 21 Feb 2019 06:42:35 -0800 (PST) X-Google-Smtp-Source: AHgI3IZFWF7wQ083xciDS3rlWYP/KdESr+BcGAR7M1TcnhT7tXTQkE8PlsEG5gw9nxxSimw1AFOl X-Received: by 2002:a17:902:207:: with SMTP id 7mr37383575plc.142.1550760155262; Thu, 21 Feb 2019 06:42:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550760155; cv=none; d=google.com; s=arc-20160816; b=tTxfN7AQL4AYyO6VyVQGCyUh71GiNHg5RKol3EFIWoLlaVIj7Bo10JGWHxB3G85fpf n7EennQcjC7IXlldMWHNsQYoBAbtuu9vOsWtEj2p8zPtuYFx3WLoZfEnhe9L/jkHE4gA Wc1v9DhYqvrqa3/LrBVtGjS1j4WC/n0vHMQv8tBk2yAVfSS1kyNoQDW37IUILuzw+I4w a2hbTtvAw61EiXt9773KFnUuK++FkmZwzATbhrFz4umqGtr8iM9E75Y1GvygyZEKKL5m YYxezvRIjSj+EbnKIdShmCVOyJlxq6NvxflrNcWT5mAe0g/3CSaCYQ9gF0z8VbPd/afX uRzw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=HN/muQ0zFyRxiqvaIuLIoHo3mMax67IZG7bHbTTaoW0=; b=jUfwLt9fGSn4+VhlURd9JyExnwL9I9MGpgfEXlh4oH73C4FK3tJ2tFgI4z/ppv8Fvb DnAHlhx3vDnmuUvS+Rj8OoX5Rd7dMSISWhn7Me72ddbxaiFt7LZVeHaiSSktvwU3+r39 17mZuK7L4kOH82hsX2p7ERzx9JNF80awHDSepJil8+G0fsKb1312hHYA6ri2XqvysKxn DtmThIbFLhqmbLp81vKDTGvjuvZGqC3mt+lj/LoE73QPCCbEYLHjHdy1HajGLY2DU8ne 95Z+o8rZs9sq9vaezhzj8khsl4oTF8SnTdqt3mjMF/gwisLc3RUyI3WkwMK+Bm6OlhzI Fm5Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=G+5PPf+l; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a90si22362207plc.314.2019.02.21.06.42.20; Thu, 21 Feb 2019 06:42:35 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=G+5PPf+l; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729031AbfBUOj7 (ORCPT + 99 others); Thu, 21 Feb 2019 09:39:59 -0500 Received: from mail.kernel.org ([198.145.29.99]:34150 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728532AbfBUOjz (ORCPT ); Thu, 21 Feb 2019 09:39:55 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B1ECD2080D; Thu, 21 Feb 2019 14:39:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1550759995; bh=IAuyMOnB04kpityV8Pa2rhu8E/jbLmw/69rC0V4yzjE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=G+5PPf+lCXl6QKS+TQt4bgt6zB+Vr2WMrUGn1FqXu5aU53JME/G9wTLNbZyKDX+J3 eqDrEHvI4tQl8Abk6fzgiszhZhwGilc0vH2K4IUt0HzYRbq41IYUtMCib+ZyOxzjft jZ4wlyU4RBn5T2tOO7sZNLL777Gl4Hc9bbgaPmAY= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Eric Dumazet , soukjin bae , Neal Cardwell , Soheil Hassas Yeganeh , "David S. Miller" Subject: [PATCH 4.14 17/23] tcp: tcp_v4_err() should be more careful Date: Thu, 21 Feb 2019 15:35:59 +0100 Message-Id: <20190221125247.594253409@linuxfoundation.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190221125246.162644302@linuxfoundation.org> References: <20190221125246.162644302@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Eric Dumazet [ Upstream commit 2c4cc9712364c051b1de2d175d5fbea6be948ebf ] ICMP handlers are not very often stressed, we should make them more resilient to bugs that might surface in the future. If there is no packet in retransmit queue, we should avoid a NULL deref. Signed-off-by: Eric Dumazet Reported-by: soukjin bae Acked-by: Neal Cardwell Acked-by: Soheil Hassas Yeganeh Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv4/tcp_ipv4.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -475,14 +475,15 @@ void tcp_v4_err(struct sk_buff *icmp_skb if (sock_owned_by_user(sk)) break; + skb = tcp_write_queue_head(sk); + if (WARN_ON_ONCE(!skb)) + break; + icsk->icsk_backoff--; icsk->icsk_rto = tp->srtt_us ? __tcp_set_rto(tp) : TCP_TIMEOUT_INIT; icsk->icsk_rto = inet_csk_rto_backoff(icsk, TCP_RTO_MAX); - skb = tcp_write_queue_head(sk); - BUG_ON(!skb); - tcp_mstamp_refresh(tp); delta_us = (u32)(tp->tcp_mstamp - skb->skb_mstamp); remaining = icsk->icsk_rto -