review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Paolo Abeni <pabeni@redhat.com>
	Wed, 1 Sep 2021 17:15:36 +0000 (10:15 -0700)
committer	Jakub Kicinski <kuba@kernel.org>
	Wed, 1 Sep 2021 17:55:49 +0000 (10:55 -0700)
commit	1094c6fe7280e17e0e87934add5ad2585e990def
tree	8ab0fde4a5fc6bd3782ec08b7d0dc2cef6ba1949	tree \| snapshot
parent	780aa1209f88fd96d40572b62df922662f2b896d	commit \| diff

mptcp: fix possible divide by zero

Florian noted that if mptcp_alloc_tx_skb() allocation fails
in __mptcp_push_pending(), we can end-up invoking
mptcp_push_release()/tcp_push() with a zero mss, causing
a divide by 0 error.

This change addresses the issue refactoring the skb allocation
code checking if skb collapsing will happen for sure and doing
the skb allocation only after such check. Skb allocation will
now happen only after the call to tcp_send_mss() which
correctly initializes mss_now.

As side bonuses we now fill the skb tx cache only when needed,
and this also clean-up a bit the output path.

v1 -> v2:
- use lockdep_assert_held_once() - Jakub
- fix indentation - Jakub

Reported-by: Florian Westphal <fw@strlen.de>
Fixes: 724cfd2ee8aa ("mptcp: allocate TX skbs in msk context")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>