| Message ID | 20201202171657.1185108-1-eric.dumazet@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [net-next] mptcp: avoid potential infinite loop in mptcp_recvmsg() | expand |
On Wed, 2020-12-02 at 09:16 -0800, Eric Dumazet wrote: > From: Eric Dumazet <edumazet@google.com> > > If a packet is ready in receive queue, and application isssues > a recvmsg()/recvfrom()/recvmmsg() request asking for zero bytes, > we hang in mptcp_recvmsg(). > > Fixes: ea4ca586b16f ("mptcp: refine MPTCP-level ack scheduling") > Signed-off-by: Eric Dumazet <edumazet@google.com> > Cc: Paolo Abeni <pabeni@redhat.com> Tested-by: Paolo Abeni <pabeni@redhat.com> Thanks Eric!
On Wed, 2 Dec 2020, Eric Dumazet wrote: > From: Eric Dumazet <edumazet@google.com> > > If a packet is ready in receive queue, and application isssues > a recvmsg()/recvfrom()/recvmmsg() request asking for zero bytes, > we hang in mptcp_recvmsg(). > > Fixes: ea4ca586b16f ("mptcp: refine MPTCP-level ack scheduling") > Signed-off-by: Eric Dumazet <edumazet@google.com> > Cc: Paolo Abeni <pabeni@redhat.com> > --- > net/mptcp/protocol.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Thanks for catching this Eric. Reviewed-by: Mat Martineau <mathew.j.martineau@linux.intel.com> -- Mat Martineau Intel
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 221f7cdd416bdb681968bf1b3ff2ed1b03cea3ce..57213ff60f784fae14c2a96f391ccdec6249c168 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -1921,7 +1921,7 @@ static int mptcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, len = min_t(size_t, len, INT_MAX); target = sock_rcvlowat(sk, flags & MSG_WAITALL, len); - for (;;) { + while (copied < len) { int bytes_read, old_space; bytes_read = __mptcp_recvmsg_mskq(msk, msg, len - copied);