releases/3.4.103/tcp-fix-integer-overflow-in-tcp-vegas.patch

   1 From foo@baz Thu Aug  7 20:47:07 PDT 2014
   2 From: Christoph Paasch <christoph.paasch@uclouvain.be>
   3 Date: Tue, 29 Jul 2014 13:40:57 +0200
   4 Subject: tcp: Fix integer-overflow in TCP vegas
   5
   6 From: Christoph Paasch <christoph.paasch@uclouvain.be>
   7
   8 [ Upstream commit 1f74e613ded11517db90b2bd57e9464d9e0fb161 ]
   9
  10 In vegas we do a multiplication of the cwnd and the rtt. This
  11 may overflow and thus their result is stored in a u64. However, we first
  12 need to cast the cwnd so that actually 64-bit arithmetic is done.
  13
  14 Then, we need to do do_div to allow this to be used on 32-bit arches.
  15
  16 Cc: Stephen Hemminger <stephen@networkplumber.org>
  17 Cc: Neal Cardwell <ncardwell@google.com>
  18 Cc: Eric Dumazet <eric.dumazet@gmail.com>
  19 Cc: David Laight <David.Laight@ACULAB.COM>
  20 Cc: Doug Leith <doug.leith@nuim.ie>
  21 Fixes: 8d3a564da34e (tcp: tcp_vegas cong avoid fix)
  22 Signed-off-by: Christoph Paasch <christoph.paasch@uclouvain.be>
  23 Signed-off-by: David S. Miller <davem@davemloft.net>
  24 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  25 ---
  26  net/ipv4/tcp_vegas.c |    3 ++-
  27  1 file changed, 2 insertions(+), 1 deletion(-)
  28
  29 --- a/net/ipv4/tcp_vegas.c
  30 +++ b/net/ipv4/tcp_vegas.c
  31 @@ -218,7 +218,8 @@ static void tcp_vegas_cong_avoid(struct
  32                          * This is:
  33                          *     (actual rate in segments) * baseRTT
  34                          */
  35 -                       target_cwnd = tp->snd_cwnd * vegas->baseRTT / rtt;
  36 +                       target_cwnd = (u64)tp->snd_cwnd * vegas->baseRTT;
  37 +                       do_div(target_cwnd, rtt);
  38
  39                         /* Calculate the difference between the window we had,
  40                          * and the window we would like to have. This quantity