Closed flawedworld closed 3 years ago
so, its not as easy as just cherry picking another patch, this is just a tiny part of the whole "packet-DDOS" merge that misses some important bits. I think its a safer call to fix the patch independently for pre refactoring trees.
I gonna test a different approach, it looks we can simply replace the code with using the old spin locking mechanism. something like:
if (netoff > USHRT_MAX) {
spin_lock(&sk->sk_receive_queue.lock);
po->stats.stats1.tp_drops++;
spin_unlock(&sk->sk_receive_queue.lock);
goto drop_n_restore;
}
I gonna spend some testing time and adjust the faulty backport for the pre refactoring trees.
Sounds good, I wont lie, my solution is lazy, but I do agree with you.
@flawedworld can you give patch 7b00ca2937e76d738badb5c5bd9d261dc408fa51 a try?
@anthraxx Yeah, I'll see if I can sneak a compile in before I wrap up for the day, otherwise I will try tomorrow.
@anthraxx Compiled fine for me. Looks good!
patch adjusted in 4.14 and 4.19 tree
The patch sent to the mailing list for the latest kernel requires this commit to build. This is also relevant to 4.14.
Compilation will fail otherwise giving:
net/packet/af_packet.c:2230:19: error: no member named 'tp_drops' in 'struct packet_sock' atomic_inc(&po->tp_drops); ~~ ^