NAK: [PATCH 0/4][SRU][X] Multiple TCP Fixups

Tyler Hicks tyhicks at canonical.com
Tue Sep 3 17:59:03 UTC 2019 

On 2019-08-29 00:49:44, Tyler Hicks wrote:
> This series reverts my backport of a fixup for the CVE-2019-11478 fix
> and applies the version of the fixup that the TCP maintainer provided
> for the 4.4 linux-stable tree. It also includes another fixup, from
> upstream, which addresses some performance issues that were reported to
> me. Details can be found here:
> 
>  https://databricks.com/blog/2019/08/01/network-performance-regressions-from-tcp-sack-vulnerability-fixes.html
> 
> The fix for CVE-2019-15239 is sandwiched in the middle of the series. It
> made cherry-picking of the entire series from linux-stable possible but,
> more importantly, it fixes a flaw that was caused by a bad backport in
> the linux-stable tree.
> 
>  https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-11478
>  https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-15239
> 
> Note that the Ubuntu CVE Tracker entry for CVE-2019-15239 is not fully
> updated with breaks-fix commit info as I'm still trying to decide how
> best to do that for this somewhat unique CVE that affects linux-stable
> but not linux.
> 
> I believe that I was able to reproduce the some of the nondeterministic
> performance regression that Databricks was seeing using netperf while
> running the 4.4.0-159.187-generic. I didn't see this behavior while
> testing the 4.4.0-150.176-generic kernel, which is the last published
> kernel before CVE-2019-11478 was fixed. I also don't see the behavior
> once these patches are applied to the 4.4.0-159.187-generic kernel.

These changes are all in the 4.4.189 upstream linux-stable pull request
that was prepared by Connor. This series sent out by me can be ignored.

Tyler

> 
> Tyler
> 
> Eric Dumazet (2):
>   tcp: refine memory limit test in tcp_fragment()
>   tcp: be more careful in tcp_fragment()
> 
> Soheil Hassas Yeganeh (1):
>   tcp: reset sk_send_head in tcp_write_queue_purge
> 
> Tyler Hicks (1):
>   UBUNTU: SAUCE: Revert "tcp: refine memory limit test in
>     tcp_fragment()"
> 
>  include/net/tcp.h     | 22 ++++++++++++++++++++--
>  net/ipv4/tcp_output.c | 12 ++++++++++--
>  2 files changed, 30 insertions(+), 4 deletions(-)
> 
> -- 
> 2.17.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

More information about the kernel-team mailing list