Hi,
On 12/6/24 10:30 PM, Greg Kroah-Hartman wrote:
6.6-stable review patch. If anyone has any objections, please let me know.
From: Zijian Zhang zijianzhang@bytedance.com
[ Upstream commit 5d609ba262475db450ba69b8e8a557bd768ac07a ]
Several fixes to bpf_msg_pop_data,
- In sk_msg_shift_left, we should put_page
- if (len == 0), return early is better
- pop the entire sk_msg (last == msg->sg.size) should be supported
- Fix for the value of variable "a"
- In sk_msg_shift_left, after shifting, i has already pointed to the next
element. Addtional sk_msg_iter_var_next may result in BUG.
Fixes: 7246d8ed4dcc ("bpf: helper to pop data from messages") Signed-off-by: Zijian Zhang zijianzhang@bytedance.com Reviewed-by: John Fastabend john.fastabend@gmail.com Link: https://lore.kernel.org/r/20241106222520.527076-8-zijianzhang@bytedance.com Signed-off-by: Martin KaFai Lau martin.lau@kernel.org Signed-off-by: Sasha Levin sashal@kernel.org
We found the kernel crashed when running kselftests (bpf/test_sockmap) in kernel 6.6 LTS, which is introduced by this commit. I guess all other stable kernels (containing this commit) are also affected.
Please consider backporting the following 2 commits: fdf478d236dc ("skmsg: Return copied bytes in sk_msg_memcopy_from_iter") 5153a75ef34b ("tcp_bpf: Fix copied value in tcp_bpf_sendmsg")
Thanks.