[ 3.5.y.z extended stable ] Patch "tcp: fix FIONREAD/SIOCINQ" has been added to staging queue

Herton Ronaldo Krzesinski herton.krzesinski at canonical.com
Wed Dec 12 05:11:01 UTC 2012


This is a note to let you know that I have just added a patch titled

    tcp: fix FIONREAD/SIOCINQ

to the linux-3.5.y-queue branch of the 3.5.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.5.y-queue

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.5.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Herton

------

>From ceca2ff155e239550f792bb476d2538aff4ff54d Mon Sep 17 00:00:00 2001
From: Eric Dumazet <edumazet at google.com>
Date: Thu, 18 Oct 2012 09:14:12 +0000
Subject: [PATCH] tcp: fix FIONREAD/SIOCINQ

commit a3374c42aa5f7237e87ff3b0622018636b0c847e upstream.

tcp_ioctl() tries to take into account if tcp socket received a FIN
to report correct number bytes in receive queue.

But its flaky because if the application ate the last skb,
we return 1 instead of 0.

Correct way to detect that FIN was received is to test SOCK_DONE.

Reported-by: Elliot Hughes <enh at google.com>
Signed-off-by: Eric Dumazet <edumazet at google.com>
Cc: Neal Cardwell <ncardwell at google.com>
Cc: Tom Herbert <therbert at google.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski at canonical.com>
---
 net/ipv4/tcp.c |    8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 56e9fa7..d758741 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -546,14 +546,12 @@ int tcp_ioctl(struct sock *sk, int cmd, unsigned long arg)
 			 !tp->urg_data ||
 			 before(tp->urg_seq, tp->copied_seq) ||
 			 !before(tp->urg_seq, tp->rcv_nxt)) {
-			struct sk_buff *skb;

 			answ = tp->rcv_nxt - tp->copied_seq;

-			/* Subtract 1, if FIN is in queue. */
-			skb = skb_peek_tail(&sk->sk_receive_queue);
-			if (answ && skb)
-				answ -= tcp_hdr(skb)->fin;
+			/* Subtract 1, if FIN was received */
+			if (answ && sock_flag(sk, SOCK_DONE))
+				answ--;
 		} else
 			answ = tp->urg_seq - tp->copied_seq;
 		release_sock(sk);
--
1.7.9.5





More information about the kernel-team mailing list