| Message ID | 20190829004948.1573-2-tyhicks@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | Multiple TCP Fixups | expand |
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 719d2cc8770c..ede265fbf7ba 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -1163,8 +1163,7 @@ int tcp_fragment(struct sock *sk, struct sk_buff *skb, u32 len, if (nsize < 0) nsize = 0; - if (unlikely((sk->sk_wmem_queued >> 1) > sk->sk_sndbuf && - skb != tcp_send_head(sk))) { + if (unlikely((sk->sk_wmem_queued >> 1) > sk->sk_sndbuf)) { NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPWQUEUETOOBIG); return -ENOMEM; }
This reverts commit 92fc18789a3793965588087a1d7860f38f3c65b4. I've received a private report detailing a performance regression in the Xenial 4.4 kernel that is fixed by commit b617158dc096 ("tcp: be more careful in tcp_fragment()"). Before pulling that patch in, it would be best to revert my backport of commit b6653b3629e5 ("tcp: refine memory limit test in tcp_fragment()") and go with the version that Eric Dumazet provided for the upstream linux-stable 4.4 tree. CVE-2019-11478 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> --- net/ipv4/tcp_output.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)