mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-22 10:31:08 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Xiyu Yang 18f02ad19e bpf: Fix sk_psock refcnt leak when receiving message 
tcp_bpf_recvmsg() invokes sk_psock_get(), which returns a reference of
the specified sk_psock object to "psock" with increased refcnt.

When tcp_bpf_recvmsg() returns, local variable "psock" becomes invalid,
so the refcount should be decreased to keep refcount balanced.

The reference counting issue happens in several exception handling paths
of tcp_bpf_recvmsg(). When those error scenarios occur such as "flags"
includes MSG_ERRQUEUE, the function forgets to decrease the refcnt
increased by sk_psock_get(), causing a refcnt leak.

Fix this issue by calling sk_psock_put() or pulling up the error queue
read handling when those error scenarios occur.

Fixes: e7a5f1f1cd ("bpf/sockmap: Read psock ingress_msg before sk_receive_queue")
Signed-off-by: Xiyu Yang <xiyuyang19@fudan.edu.cn>
Signed-off-by: Xin Tan <tanxin.ctf@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Jakub Sitnicki <jakub@cloudflare.com>
Link: https://lore.kernel.org/bpf/1587872115-42805-1-git-send-email-xiyuyang19@fudan.edu.cn
2020-04-27 23:04:05 +02:00
..
6lowpan
9p
802
8021q
appletalk
atm
ax25
batman-adv
bluetooth
bpf
bpfilter
bridge
caif
can
ceph
core net: remove obsolete comment 2020-04-25 20:49:32 -07:00
dcb
dccp
decnet
dns_resolver
dsa
ethernet
ethtool
hsr
ieee802154
ife
ipv4 bpf: Fix sk_psock refcnt leak when receiving message 2020-04-27 23:04:05 +02:00
ipv6
iucv
kcm
key
l2tp
l3mdev
lapb
llc
mac80211 mac80211: sta_info: Add lockdep condition for RCU list usage 2020-04-24 11:31:20 +02:00
mac802154
mpls
mptcp mptcp: fix race in msk status update 2020-04-25 20:38:54 -07:00
ncsi
netfilter
netlabel
netlink
netrom
nfc
nsh
openvswitch
packet
phonet
psample
qrtr
rds
rfkill
rose
rxrpc
sched sch_sfq: validate silly quantum values 2020-04-27 11:49:57 -07:00
sctp
smc
strparser
sunrpc
switchdev
tipc
tls net/tls: Fix sk_psock refcnt leak when in tls_data_ready() 2020-04-27 11:22:38 -07:00
unix
vmw_vsock vsock/virtio: fix multiple packet delivery to monitoring devices 2020-04-27 10:18:01 -07:00
wimax
wireless
x25 net/x25: Fix x25_neigh refcnt leak when x25 disconnect 2020-04-27 11:20:30 -07:00
xdp
xfrm
compat.c
Kconfig
Makefile
socket.c
sysctl_net.c