On Tue, Jun 16, 2026 at 10:36:43AM +0200, Stefano Garzarella wrote:

On Tue, 16 Jun 2026 at 10:00, Greg KH [off-list ref] wrote:

quoted

On Tue, Jun 16, 2026 at 09:52:32AM +0200, Stefano Garzarella wrote:

quoted

On Tue, Jun 16, 2026 at 10:17:31AM +0530, Greg KH wrote:

quoted

On Thu, May 21, 2026 at 03:15:54PM +0200, Stefano Garzarella wrote:

quoted

On Sun, May 17, 2026 at 09:33:06AM -0400, Sasha Levin wrote:

quoted

quoted

quoted

What's the status of that fix?

Stefano posted v3 and is working on v4.

quoted

 Should it be reverted elsewhere?

Donnu. With the change we have no DoS but the socket gets silently
broken.  Eric felt given the brokenness is upstream already it's better
to work on a fix on top, not revert.

Dropped from the 6.6, 6.12, 6.18, and 7.0 queues. We'll pick up Stefano's
follow-up once it lands upstream.

FYI v4 is now merged in the net tree, so I guess they will land upstream
soon. I CCed stable on both patches:

a4f0b001782b ("vsock/virtio: reset connection on receiving queue overflow")
c6087c5aaad6 ("vsock/virtio: fix skb overhead accounting to preserve full
buf_alloc")

Both are related, but the second is the main fix of this patch.

THe second one doesn't apply at all :(

The second one is the fix of the patch originally added to stable queue by
this thread, so should be applied on top of it (commit 059b7dbd20a6
("vsock/virtio: fix potential unbounded skb queue")).

I'm working on improving memory management, but for now I think it makes
sense to backport all three to the stable branches.

So, in summary:
059b7dbd20a6 ("vsock/virtio: fix potential unbounded skb queue")
a4f0b001782b ("vsock/virtio: reset connection on receiving queue overflow")
c6087c5aaad6 ("vsock/virtio: fix skb overhead accounting to preserve full buf_alloc")

Again, this last one fails to apply everywhere :(

Again, c6087c5aaad6 depends on 059b7dbd20a6 (as also indicated by the 
Fixes tag in the patch description).

I don't know what you meant with "everywhere", but I just run `git 
cherry-pick 059b7dbd20a6 c6087c5aaad6` on linux-6.12.y, linux-6.18.y, 
and linux-7.0.y without any issue.

Sorry, I was just searching for the short-id, which is in commits
already in those trees.  The real commit worked, sorry for the
confusion.

On linux-6.6.y it's failing because we are missing zero-copy support in 
AF_VSOCK. So, I guess we didn't backport commit 45ca7e9f0730 
("vsock/virtio: fix `rx_bytes` accounting for stream sockets") because 
there were conflicts.  That patch is needed to apply commit 059b7dbd20a6 
("vsock/virtio: fix potential unbounded skb queue") cleanly.

That commit does not backport cleanly to 6.6.y, so I still need a patch
series for that tree.

thanks,

greg k-h