Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp2318877pxb; Mon, 20 Sep 2021 18:41:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwW2cKmPtGC+iCL2UPrz6+OOEFKNH7W2LK2NJWnoocoZ1ewvv65e6UAywm+LXBY8AeP5XTF X-Received: by 2002:a92:cb43:: with SMTP id f3mr20544791ilq.261.1632188488003; Mon, 20 Sep 2021 18:41:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632188487; cv=none; d=google.com; s=arc-20160816; b=DJX+3z8DWc3MZsB2ih0Saj8QvE/ne9e6muq5GEUV6CAMcUuO+cj2arUvlPazXQiDho 0Xhby9kot1C/fPYwB+3GwMtm0L+RAf7AF4THZiCnJsRXAYTUm79Fqp+03C4LrXnPjUgJ v/bZzvXbPsKLCy9mJyLMJCrD3fIV+dLJCy7EH1giSkeQTti9G5sEPcO8k2sRyBdMVtgw 1hHdt3RI1qkmrywdpeTBQXRmyMyCeopnGMYT/OdrDVUfZcrggWxhzU5tbVbo/o29AL+j fjIvyB0ov8YI0Toa1srQG4kX0BdlPsgMDMThdBgpT5hEAHnl5Wm7KkhX/7exDuChFqnA C03w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=GEF3bYLwDbG20fZVhm8MFXWjBPf8NlSHncsdKLu4zjY=; b=fsCSIguBm63Grnsgv2CpfOodvD7e6DVYTlTMX1zjNb67q/myG6zKyP+ndA/rg4EOyJ j7lt8NNIRPt0xj4K2SZydoWFTYJckyhvWGhHQQj6+Ks1A81fLIdyh5tXuZEl3q9lugo4 XtbTR5dvZGm57Pg/Rb9SPqED7y2m518chWeLXckOIuDGcOe7cPunQrtTwIrcXU4CA99s Z1Ri/T+saGiGFZbBsHnLO826RFA0qxZiQZMcpdUQ8CptA6oP54zG37QHr233x0jRJida Mnreyup055lPNfMxayRXZm1+g0/LaXHQi3u6AmcD9BKkO8zfhE0lRcSy3CxNWyJlYmSF MP/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=PQzizoPD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 123si14256268jay.90.2021.09.20.18.41.16; Mon, 20 Sep 2021 18:41:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=PQzizoPD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244086AbhITQtF (ORCPT + 99 others); Mon, 20 Sep 2021 12:49:05 -0400 Received: from mail.kernel.org ([198.145.29.99]:36690 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243713AbhITQsJ (ORCPT ); Mon, 20 Sep 2021 12:48:09 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id B4432611C2; Mon, 20 Sep 2021 16:46:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1632156402; bh=B9ttuQe0TrkIN+TYK1ll3WOyuwE+Z8wNTzRJBA6xKt0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=PQzizoPDLFJsatnamXPOESmTEuwRRX1m9aebmitnFslzk2t8MEajPrHDKcG6/KN0F tEyN/jpH1oySnFQog1GW011Ls6GOUQoz7v5CdVSDhoSTThzfiwtT219L5yzv0ZJYzv xdEVnpVyzSA29A7e2ZiMDq6q44pW7in4t6oCpFXs= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Martin KaFai Lau , Andrii Nakryiko , Eric Dumazet , Kuniyuki Iwashima , Yonghong Song , Sasha Levin Subject: [PATCH 4.4 042/133] tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos Date: Mon, 20 Sep 2021 18:42:00 +0200 Message-Id: <20210920163914.027770724@linuxfoundation.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210920163912.603434365@linuxfoundation.org> References: <20210920163912.603434365@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Martin KaFai Lau [ Upstream commit 525e2f9fd0229eb10cb460a9e6d978257f24804e ] st->bucket stores the current bucket number. st->offset stores the offset within this bucket that is the sk to be seq_show(). Thus, st->offset only makes sense within the same st->bucket. These two variables are an optimization for the common no-lseek case. When resuming the seq_file iteration (i.e. seq_start()), tcp_seek_last_pos() tries to continue from the st->offset at bucket st->bucket. However, it is possible that the bucket pointed by st->bucket has changed and st->offset may end up skipping the whole st->bucket without finding a sk. In this case, tcp_seek_last_pos() currently continues to satisfy the offset condition in the next (and incorrect) bucket. Instead, regardless of the offset value, the first sk of the next bucket should be returned. Thus, "bucket == st->bucket" check is added to tcp_seek_last_pos(). The chance of hitting this is small and the issue is a decade old, so targeting for the next tree. Fixes: a8b690f98baf ("tcp: Fix slowness in read /proc/net/tcp") Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko Reviewed-by: Eric Dumazet Acked-by: Kuniyuki Iwashima Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20210701200541.1033917-1-kafai@fb.com Signed-off-by: Sasha Levin --- net/ipv4/tcp_ipv4.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index bb6d251ce103..f9d55dd2dec8 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -2033,6 +2033,7 @@ static void *tcp_get_idx(struct seq_file *seq, loff_t pos) static void *tcp_seek_last_pos(struct seq_file *seq) { struct tcp_iter_state *st = seq->private; + int bucket = st->bucket; int offset = st->offset; int orig_num = st->num; void *rc = NULL; @@ -2043,7 +2044,7 @@ static void *tcp_seek_last_pos(struct seq_file *seq) break; st->state = TCP_SEQ_STATE_LISTENING; rc = listening_get_next(seq, NULL); - while (offset-- && rc) + while (offset-- && rc && bucket == st->bucket) rc = listening_get_next(seq, rc); if (rc) break; @@ -2054,7 +2055,7 @@ static void *tcp_seek_last_pos(struct seq_file *seq) if (st->bucket > tcp_hashinfo.ehash_mask) break; rc = established_get_first(seq); - while (offset-- && rc) + while (offset-- && rc && bucket == st->bucket) rc = established_get_next(seq, rc); } -- 2.30.2