On Thu, Feb 27, 2025 at 05:40:02PM +0800, Tianchen Ding wrote:
Hi,
On 12/6/24 10:30 PM, Greg Kroah-Hartman wrote:
6.6-stable review patch. If anyone has any objections, please let me know.
From: Zijian Zhang zijianzhang@bytedance.com
[ Upstream commit 5d609ba262475db450ba69b8e8a557bd768ac07a ]
Several fixes to bpf_msg_pop_data,
- In sk_msg_shift_left, we should put_page
- if (len == 0), return early is better
- pop the entire sk_msg (last == msg->sg.size) should be supported
- Fix for the value of variable "a"
- In sk_msg_shift_left, after shifting, i has already pointed to the next
element. Addtional sk_msg_iter_var_next may result in BUG.
Fixes: 7246d8ed4dcc ("bpf: helper to pop data from messages") Signed-off-by: Zijian Zhang zijianzhang@bytedance.com Reviewed-by: John Fastabend john.fastabend@gmail.com Link: https://lore.kernel.org/r/20241106222520.527076-8-zijianzhang@bytedance.com Signed-off-by: Martin KaFai Lau martin.lau@kernel.org Signed-off-by: Sasha Levin sashal@kernel.org
We found the kernel crashed when running kselftests (bpf/test_sockmap) in kernel 6.6 LTS, which is introduced by this commit. I guess all other stable kernels (containing this commit) are also affected.
Please consider backporting the following 2 commits: fdf478d236dc ("skmsg: Return copied bytes in sk_msg_memcopy_from_iter") 5153a75ef34b ("tcp_bpf: Fix copied value in tcp_bpf_sendmsg")
Please submit the tested series to us, properly backported, and we will be glad to review them for stable inclusion (remember to also properly send patches for newer stable releases as needed.)
thanks,
greg k-h