{ "id": 1839962, "url": "http://patchwork.ozlabs.org/api/patches/1839962/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20230926224426.282101-2-yuxuan.luo@canonical.com/", "project": { "id": 15, "url": "http://patchwork.ozlabs.org/api/projects/15/?format=api", "name": "Ubuntu Kernel", "link_name": "ubuntu-kernel", "list_id": "kernel-team.lists.ubuntu.com", "list_email": "kernel-team@lists.ubuntu.com", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20230926224426.282101-2-yuxuan.luo@canonical.com>", "list_archive_url": null, "date": "2023-09-26T22:44:26", "name": "[SRU,F/J/L,1/1] net: sched: sch_qfq: Fix UAF in qfq_dequeue()", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "f71fd3033dab8229c0565620e1b525fdfa24b67d", "submitter": { "id": 85211, "url": "http://patchwork.ozlabs.org/api/people/85211/?format=api", "name": "Yuxuan Luo", "email": "yuxuan.luo@canonical.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20230926224426.282101-2-yuxuan.luo@canonical.com/mbox/", "series": [ { "id": 375012, "url": "http://patchwork.ozlabs.org/api/series/375012/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ubuntu-kernel/list/?series=375012", "date": "2023-09-26T22:44:25", "name": "CVE-2023-4921", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/375012/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/1839962/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/1839962/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<kernel-team-bounces@lists.ubuntu.com>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com\n 
(client-ip=185.125.189.65; helo=lists.ubuntu.com;\n envelope-from=kernel-team-bounces@lists.ubuntu.com;\n receiver=patchwork.ozlabs.org)", "Received": [ "from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4RwFDl0Pn4z1yqW\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 27 Sep 2023 08:44:53 +1000 (AEST)", "from localhost ([127.0.0.1] helo=lists.ubuntu.com)\n\tby lists.ubuntu.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1qlGnE-00080n-U8; Tue, 26 Sep 2023 22:44:37 +0000", "from smtp-relay-internal-1.internal ([10.131.114.114]\n helo=smtp-relay-internal-1.canonical.com)\n by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.86_2) (envelope-from <yuxuan.luo@canonical.com>)\n id 1qlGn9-00080Q-LF\n for kernel-team@lists.ubuntu.com; Tue, 26 Sep 2023 22:44:32 +0000", "from mail-qv1-f69.google.com (mail-qv1-f69.google.com\n [209.85.219.69])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 686013F044\n for <kernel-team@lists.ubuntu.com>; Tue, 26 Sep 2023 22:44:31 +0000 (UTC)", "by mail-qv1-f69.google.com with SMTP id\n 6a1803df08f44-65afa60d118so120373846d6.0\n for <kernel-team@lists.ubuntu.com>; Tue, 26 Sep 2023 15:44:31 -0700 (PDT)", "from cache-ubuntu.hsd1.nj.comcast.net\n ([2601:86:200:98b0:2214:6a5b:c615:f258])\n by smtp.gmail.com with ESMTPSA id\n e14-20020a0ce3ce000000b0065b0771f2edsm2628463qvl.136.2023.09.26.15.44.28\n for <kernel-team@lists.ubuntu.com>\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Tue, 26 Sep 2023 15:44:28 -0700 (PDT)" ], "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n 
d=1e100.net; s=20230601; t=1695768270; x=1696373070;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:x-gm-message-state:from:to:cc\n :subject:date:message-id:reply-to;\n bh=xgnZgyYUPhKf50JNYByvf9Y47O5JL+8eyH9s6Ay+BVY=;\n b=KmkfTZYMRpLokMGyIuBg1r7Y7KL3So7ltRKADMJO/6SmdqQiQ5mbutatkacrBJEEvH\n ZGqtQcMf+TuVU6lftGyblI1Uwsr73miLcEDh+BqQOXPSqfZe/DrMN2hIylzCrRHUkNVL\n rYdBYntewjovL0wNvxfeC7RoRUksBBThsinB3N+pdgYBpeyldWaJRTepVzB2Kb+SGYeW\n zwFLEVnMR0/7Y4OlDFKId04nOlyxy62ddHiKRP9Iusux+/lQfKlbHJWqKpMdwz/EkfoH\n BLZiENVo1/YliuaOo/XpW0VwyIq4y97vc5SEp15ZZZyzNOfyR4nc4Z+vcaLW6hmc9lT5\n K6sQ==", "X-Gm-Message-State": "AOJu0Yya/gT9oUaNqs3UUolKt2df5MEqQNTtyG1b1vJHt60ZTtI/MgUA\n UXtP/07LoJ2ZenQtmyl1+R8BqDjIMjG5zsIvy7xUgTcrMvZ4jRO3wRU41kdOztmKTDjo2WGqvsX\n GGMFBW/RbRIOsZJwlnkCP7wJ0794comsrwGJ26KCpAtNpqeylzA==", "X-Received": [ "by 2002:a0c:f1c4:0:b0:65b:2008:8a25 with SMTP id\n u4-20020a0cf1c4000000b0065b20088a25mr366500qvl.47.1695768269810;\n Tue, 26 Sep 2023 15:44:29 -0700 (PDT)", "by 2002:a0c:f1c4:0:b0:65b:2008:8a25 with SMTP id\n u4-20020a0cf1c4000000b0065b20088a25mr366477qvl.47.1695768269347;\n Tue, 26 Sep 2023 15:44:29 -0700 (PDT)" ], "X-Google-Smtp-Source": "\n AGHT+IFlqBnjFHSU1UN8kGfrxqtCQyb2eMAfETr02Ys1oslv1xzWqjZzrsm9+nRY9cPgQ8KTdnXO+w==", "From": "Yuxuan Luo <yuxuan.luo@canonical.com>", "To": "kernel-team@lists.ubuntu.com", "Subject": "[SRU][F/J/L][PATCH 1/1] net: sched: sch_qfq: Fix UAF in qfq_dequeue()", "Date": "Tue, 26 Sep 2023 18:44:26 -0400", "Message-Id": "<20230926224426.282101-2-yuxuan.luo@canonical.com>", "X-Mailer": "git-send-email 2.34.1", "In-Reply-To": "<20230926224426.282101-1-yuxuan.luo@canonical.com>", "References": "<20230926224426.282101-1-yuxuan.luo@canonical.com>", "MIME-Version": "1.0", "X-BeenThere": "kernel-team@lists.ubuntu.com", "X-Mailman-Version": "2.1.20", "Precedence": "list", "List-Id": "Kernel team discussions <kernel-team.lists.ubuntu.com>", "List-Unsubscribe": 
"<https://lists.ubuntu.com/mailman/options/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>", "List-Archive": "<https://lists.ubuntu.com/archives/kernel-team>", "List-Post": "<mailto:kernel-team@lists.ubuntu.com>", "List-Help": "<mailto:kernel-team-request@lists.ubuntu.com?subject=help>", "List-Subscribe": "<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "kernel-team-bounces@lists.ubuntu.com", "Sender": "\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>" }, "content": "From: valis <sec@valis.email>\n\nWhen the plug qdisc is used as a class of the qfq qdisc it could trigger a\nUAF. This issue can be reproduced with following commands:\n\n tc qdisc add dev lo root handle 1: qfq\n tc class add dev lo parent 1: classid 1:1 qfq weight 1 maxpkt 512\n tc qdisc add dev lo parent 1:1 handle 2: plug\n tc filter add dev lo parent 1: basic classid 1:1\n ping -c1 127.0.0.1\n\nand boom:\n\n[ 285.353793] BUG: KASAN: slab-use-after-free in qfq_dequeue+0xa7/0x7f0\n[ 285.354910] Read of size 4 at addr ffff8880bad312a8 by task ping/144\n[ 285.355903]\n[ 285.356165] CPU: 1 PID: 144 Comm: ping Not tainted 6.5.0-rc3+ #4\n[ 285.357112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\n[ 285.358376] Call Trace:\n[ 285.358773] <IRQ>\n[ 285.359109] dump_stack_lvl+0x44/0x60\n[ 285.359708] print_address_description.constprop.0+0x2c/0x3c0\n[ 285.360611] kasan_report+0x10c/0x120\n[ 285.361195] ? 
qfq_dequeue+0xa7/0x7f0\n[ 285.361780] qfq_dequeue+0xa7/0x7f0\n[ 285.362342] __qdisc_run+0xf1/0x970\n[ 285.362903] net_tx_action+0x28e/0x460\n[ 285.363502] __do_softirq+0x11b/0x3de\n[ 285.364097] do_softirq.part.0+0x72/0x90\n[ 285.364721] </IRQ>\n[ 285.365072] <TASK>\n[ 285.365422] __local_bh_enable_ip+0x77/0x90\n[ 285.366079] __dev_queue_xmit+0x95f/0x1550\n[ 285.366732] ? __pfx_csum_and_copy_from_iter+0x10/0x10\n[ 285.367526] ? __pfx___dev_queue_xmit+0x10/0x10\n[ 285.368259] ? __build_skb_around+0x129/0x190\n[ 285.368960] ? ip_generic_getfrag+0x12c/0x170\n[ 285.369653] ? __pfx_ip_generic_getfrag+0x10/0x10\n[ 285.370390] ? csum_partial+0x8/0x20\n[ 285.370961] ? raw_getfrag+0xe5/0x140\n[ 285.371559] ip_finish_output2+0x539/0xa40\n[ 285.372222] ? __pfx_ip_finish_output2+0x10/0x10\n[ 285.372954] ip_output+0x113/0x1e0\n[ 285.373512] ? __pfx_ip_output+0x10/0x10\n[ 285.374130] ? icmp_out_count+0x49/0x60\n[ 285.374739] ? __pfx_ip_finish_output+0x10/0x10\n[ 285.375457] ip_push_pending_frames+0xf3/0x100\n[ 285.376173] raw_sendmsg+0xef5/0x12d0\n[ 285.376760] ? do_syscall_64+0x40/0x90\n[ 285.377359] ? __static_call_text_end+0x136578/0x136578\n[ 285.378173] ? do_syscall_64+0x40/0x90\n[ 285.378772] ? kasan_enable_current+0x11/0x20\n[ 285.379469] ? __pfx_raw_sendmsg+0x10/0x10\n[ 285.380137] ? __sock_create+0x13e/0x270\n[ 285.380673] ? __sys_socket+0xf3/0x180\n[ 285.381174] ? __x64_sys_socket+0x3d/0x50\n[ 285.381725] ? entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 285.382425] ? __rcu_read_unlock+0x48/0x70\n[ 285.382975] ? ip4_datagram_release_cb+0xd8/0x380\n[ 285.383608] ? __pfx_ip4_datagram_release_cb+0x10/0x10\n[ 285.384295] ? preempt_count_sub+0x14/0xc0\n[ 285.384844] ? __list_del_entry_valid+0x76/0x140\n[ 285.385467] ? _raw_spin_lock_bh+0x87/0xe0\n[ 285.386014] ? __pfx__raw_spin_lock_bh+0x10/0x10\n[ 285.386645] ? release_sock+0xa0/0xd0\n[ 285.387148] ? preempt_count_sub+0x14/0xc0\n[ 285.387712] ? freeze_secondary_cpus+0x348/0x3c0\n[ 285.388341] ? 
aa_sk_perm+0x177/0x390\n[ 285.388856] ? __pfx_aa_sk_perm+0x10/0x10\n[ 285.389441] ? check_stack_object+0x22/0x70\n[ 285.390032] ? inet_send_prepare+0x2f/0x120\n[ 285.390603] ? __pfx_inet_sendmsg+0x10/0x10\n[ 285.391172] sock_sendmsg+0xcc/0xe0\n[ 285.391667] __sys_sendto+0x190/0x230\n[ 285.392168] ? __pfx___sys_sendto+0x10/0x10\n[ 285.392727] ? kvm_clock_get_cycles+0x14/0x30\n[ 285.393328] ? set_normalized_timespec64+0x57/0x70\n[ 285.393980] ? _raw_spin_unlock_irq+0x1b/0x40\n[ 285.394578] ? __x64_sys_clock_gettime+0x11c/0x160\n[ 285.395225] ? __pfx___x64_sys_clock_gettime+0x10/0x10\n[ 285.395908] ? _copy_to_user+0x3e/0x60\n[ 285.396432] ? exit_to_user_mode_prepare+0x1a/0x120\n[ 285.397086] ? syscall_exit_to_user_mode+0x22/0x50\n[ 285.397734] ? do_syscall_64+0x71/0x90\n[ 285.398258] __x64_sys_sendto+0x74/0x90\n[ 285.398786] do_syscall_64+0x64/0x90\n[ 285.399273] ? exit_to_user_mode_prepare+0x1a/0x120\n[ 285.399949] ? syscall_exit_to_user_mode+0x22/0x50\n[ 285.400605] ? do_syscall_64+0x71/0x90\n[ 285.401124] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 285.401807] RIP: 0033:0x495726\n[ 285.402233] Code: ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 2c 00 00 00 0f 09\n[ 285.404683] RSP: 002b:00007ffcc25fb618 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\n[ 285.405677] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 0000000000495726\n[ 285.406628] RDX: 0000000000000040 RSI: 0000000002518750 RDI: 0000000000000000\n[ 285.407565] RBP: 00000000005205ef R08: 00000000005f8838 R09: 000000000000001c\n[ 285.408523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000002517634\n[ 285.409460] R13: 00007ffcc25fb6f0 R14: 0000000000000003 R15: 0000000000000000\n[ 285.410403] </TASK>\n[ 285.410704]\n[ 285.410929] Allocated by task 144:\n[ 285.411402] kasan_save_stack+0x1e/0x40\n[ 285.411926] kasan_set_track+0x21/0x30\n[ 285.412442] __kasan_slab_alloc+0x55/0x70\n[ 285.412973] kmem_cache_alloc_node+0x187/0x3d0\n[ 
285.413567] __alloc_skb+0x1b4/0x230\n[ 285.414060] __ip_append_data+0x17f7/0x1b60\n[ 285.414633] ip_append_data+0x97/0xf0\n[ 285.415144] raw_sendmsg+0x5a8/0x12d0\n[ 285.415640] sock_sendmsg+0xcc/0xe0\n[ 285.416117] __sys_sendto+0x190/0x230\n[ 285.416626] __x64_sys_sendto+0x74/0x90\n[ 285.417145] do_syscall_64+0x64/0x90\n[ 285.417624] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 285.418306]\n[ 285.418531] Freed by task 144:\n[ 285.418960] kasan_save_stack+0x1e/0x40\n[ 285.419469] kasan_set_track+0x21/0x30\n[ 285.419988] kasan_save_free_info+0x27/0x40\n[ 285.420556] ____kasan_slab_free+0x109/0x1a0\n[ 285.421146] kmem_cache_free+0x1c2/0x450\n[ 285.421680] __netif_receive_skb_core+0x2ce/0x1870\n[ 285.422333] __netif_receive_skb_one_core+0x97/0x140\n[ 285.423003] process_backlog+0x100/0x2f0\n[ 285.423537] __napi_poll+0x5c/0x2d0\n[ 285.424023] net_rx_action+0x2be/0x560\n[ 285.424510] __do_softirq+0x11b/0x3de\n[ 285.425034]\n[ 285.425254] The buggy address belongs to the object at ffff8880bad31280\n[ 285.425254] which belongs to the cache skbuff_head_cache of size 224\n[ 285.426993] The buggy address is located 40 bytes inside of\n[ 285.426993] freed 224-byte region [ffff8880bad31280, ffff8880bad31360)\n[ 285.428572]\n[ 285.428798] The buggy address belongs to the physical page:\n[ 285.429540] page:00000000f4b77674 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xbad31\n[ 285.430758] flags: 0x100000000000200(slab|node=0|zone=1)\n[ 285.431447] page_type: 0xffffffff()\n[ 285.431934] raw: 0100000000000200 ffff88810094a8c0 dead000000000122 0000000000000000\n[ 285.432757] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000\n[ 285.433562] page dumped because: kasan: bad access detected\n[ 285.434144]\n[ 285.434320] Memory state around the buggy address:\n[ 285.434828] ffff8880bad31180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 285.435580] ffff8880bad31200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 285.436264] 
>ffff8880bad31280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n[ 285.436777] ^\n[ 285.437106] ffff8880bad31300: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n[ 285.437616] ffff8880bad31380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 285.438126] ==================================================================\n[ 285.438662] Disabling lock debugging due to kernel taint\n\nFix this by:\n1. Changing sch_plug's .peek handler to qdisc_peek_dequeued(), a\nfunction compatible with non-work-conserving qdiscs\n2. Checking the return value of qdisc_dequeue_peeked() in sch_qfq.\n\nFixes: 462dbc9101ac (\"pkt_sched: QFQ Plus: fair-queueing service at DRR cost\")\nReported-by: valis <sec@valis.email>\nSigned-off-by: valis <sec@valis.email>\nSigned-off-by: Jamal Hadi Salim <jhs@mojatatu.com>\nLink: https://lore.kernel.org/r/20230901162237.11525-1-jhs@mojatatu.com\nSigned-off-by: Paolo Abeni <pabeni@redhat.com>\n(cherry picked from commit 8fc134fee27f2263988ae38920bc03da416b03d8)\nCVE-2023-4921\nSigned-off-by: Yuxuan Luo <yuxuan.luo@canonical.com>\n---\n net/sched/sch_plug.c | 2 +-\n net/sched/sch_qfq.c | 22 +++++++++++++++++-----\n 2 files changed, 18 insertions(+), 6 deletions(-)", "diff": "diff --git a/net/sched/sch_plug.c b/net/sched/sch_plug.c\nindex cbc2ebca4548..339990bb5981 100644\n--- a/net/sched/sch_plug.c\n+++ b/net/sched/sch_plug.c\n@@ -210,7 +210,7 @@ static struct Qdisc_ops plug_qdisc_ops __read_mostly = {\n \t.priv_size = sizeof(struct plug_sched_data),\n \t.enqueue = plug_enqueue,\n \t.dequeue = plug_dequeue,\n-\t.peek = qdisc_peek_head,\n+\t.peek = qdisc_peek_dequeued,\n \t.init = plug_init,\n \t.change = plug_change,\n \t.reset =\t qdisc_reset_queue,\ndiff --git a/net/sched/sch_qfq.c b/net/sched/sch_qfq.c\nindex 905c86b50215..b1dbe03dde1b 100644\n--- a/net/sched/sch_qfq.c\n+++ b/net/sched/sch_qfq.c\n@@ -980,10 +980,13 @@ static void qfq_update_eligible(struct qfq_sched *q)\n }\n \n /* Dequeue head packet of the head class in the DRR queue of the 
aggregate. */\n-static void agg_dequeue(struct qfq_aggregate *agg,\n-\t\t\tstruct qfq_class *cl, unsigned int len)\n+static struct sk_buff *agg_dequeue(struct qfq_aggregate *agg,\n+\t\t\t\t struct qfq_class *cl, unsigned int len)\n {\n-\tqdisc_dequeue_peeked(cl->qdisc);\n+\tstruct sk_buff *skb = qdisc_dequeue_peeked(cl->qdisc);\n+\n+\tif (!skb)\n+\t\treturn NULL;\n \n \tcl->deficit -= (int) len;\n \n@@ -993,6 +996,8 @@ static void agg_dequeue(struct qfq_aggregate *agg,\n \t\tcl->deficit += agg->lmax;\n \t\tlist_move_tail(&cl->alist, &agg->active);\n \t}\n+\n+\treturn skb;\n }\n \n static inline struct sk_buff *qfq_peek_skb(struct qfq_aggregate *agg,\n@@ -1138,11 +1143,18 @@ static struct sk_buff *qfq_dequeue(struct Qdisc *sch)\n \tif (!skb)\n \t\treturn NULL;\n \n-\tqdisc_qstats_backlog_dec(sch, skb);\n \tsch->q.qlen--;\n+\n+\tskb = agg_dequeue(in_serv_agg, cl, len);\n+\n+\tif (!skb) {\n+\t\tsch->q.qlen++;\n+\t\treturn NULL;\n+\t}\n+\n+\tqdisc_qstats_backlog_dec(sch, skb);\n \tqdisc_bstats_update(sch, skb);\n \n-\tagg_dequeue(in_serv_agg, cl, len);\n \t/* If lmax is lowered, through qfq_change_class, for a class\n \t * owning pending packets with larger size than the new value\n \t * of lmax, then the following condition may hold.\n", "prefixes": [ "SRU", "F/J/L", "1/1" ] }
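Review bot: In the qfq_dequeue() hunk, `sch->q.qlen--` is applied before agg_dequeue() is called and then undone with `sch->q.qlen++` on the NULL path, which reads as a partial rollback and makes the restore easy to lose in a later edit. Unless agg_dequeue() or the qdisc_dequeue_peeked() it calls depends on qlen already being decremented — nothing in the hunk shows that — the decrement can follow the check so the failure path has nothing to undo: `skb = agg_dequeue(in_serv_agg, cl, len);` then `if (!skb) return NULL;` then `sch->q.qlen--;`. That also matches the order the same commit uses in agg_dequeue(), where `cl->deficit -= (int) len` is placed after the NULL check rather than before it. qfq_dequeue() begins and ends outside the hunk, and `len` is computed from the earlier peek outside it, so the equivalence of the two orders should be confirmed against the full function.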