[ 19/38] tcp: fix false reordering signal in tcp_shifted_skb

From: Greg KH
Date: Fri Mar 16 2012 - 19:56:07 EST

Next message: Greg KH: "[ 15/38] acer-wmi: No wifi rfkill on Lenovo machines"
Previous message: Greg KH: "[ 13/38] acer-wmi: Add wireless quirk for Lenovo 3000 N200"
In reply to: Greg KH: "[ 13/38] acer-wmi: Add wireless quirk for Lenovo 3000 N200"
Next in thread: Greg KH: "[ 15/38] acer-wmi: No wifi rfkill on Lenovo machines"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.0-stable review patch. If anyone has any objections, please let me know.

------------------

From: Neal Cardwell <ncardwell@xxxxxxxxxx>

[ Upstream commit 4c90d3b30334833450ccbb02f452d4972a3c3c3f ]

When tcp_shifted_skb() shifts bytes from the skb that is currently
pointed to by 'highest_sack' then the increment of
TCP_SKB_CB(skb)->seq implicitly advances tcp_highest_sack_seq(). This
implicit advancement, combined with the recent fix to pass the correct
SACKed range into tcp_sacktag_one(), caused tcp_sacktag_one() to think
that the newly SACKed range was before the tcp_highest_sack_seq(),
leading to a call to tcp_update_reordering() with a degree of
reordering matching the size of the newly SACKed range (typically just
1 packet, which is a NOP, but potentially larger).

This commit fixes this by simply calling tcp_sacktag_one() before the
TCP_SKB_CB(skb)->seq advancement that can advance our notion of the
highest SACKed sequence.

Correspondingly, we can simplify the code a little now that
tcp_shifted_skb() should update the lost_cnt_hint in all cases where
skb == tp->lost_skb_hint.

Signed-off-by: Neal Cardwell <ncardwell@xxxxxxxxxx>
Acked-by: Yuchung Cheng <ycheng@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/ipv4/tcp_input.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)

--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -1385,8 +1385,16 @@ static int tcp_shifted_skb(struct sock *

BUG_ON(!pcount);

- /* Adjust hint for FACK. Non-FACK is handled in tcp_sacktag_one(). */
- if (tcp_is_fack(tp) && (skb == tp->lost_skb_hint))
+ /* Adjust counters and hints for the newly sacked sequence
+ * range but discard the return value since prev is already
+ * marked. We must tag the range first because the seq
+ * advancement below implicitly advances
+ * tcp_highest_sack_seq() when skb is highest_sack.
+ */
+ tcp_sacktag_one(sk, state, TCP_SKB_CB(skb)->sacked,
+ start_seq, end_seq, dup_sack, pcount);
+
+ if (skb == tp->lost_skb_hint)
tp->lost_cnt_hint += pcount;

TCP_SKB_CB(prev)->end_seq += shifted;
@@ -1412,12 +1420,6 @@ static int tcp_shifted_skb(struct sock *
skb_shinfo(skb)->gso_type = 0;
}

- /* Adjust counters and hints for the newly sacked sequence range but
- * discard the return value since prev is already marked.
- */
- tcp_sacktag_one(sk, state, TCP_SKB_CB(skb)->sacked,
- start_seq, end_seq, dup_sack, pcount);
-
/* Difference in this won't matter, both ACKed by the same cumul. ACK */
TCP_SKB_CB(prev)->sacked |= (TCP_SKB_CB(skb)->sacked & TCPCB_EVER_RETRANS);

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[ 15/38] acer-wmi: No wifi rfkill on Lenovo machines"
Previous message: Greg KH: "[ 13/38] acer-wmi: Add wireless quirk for Lenovo 3000 N200"
In reply to: Greg KH: "[ 13/38] acer-wmi: Add wireless quirk for Lenovo 3000 N200"
Next in thread: Greg KH: "[ 15/38] acer-wmi: No wifi rfkill on Lenovo machines"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]