linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-01 14:44:12 +00:00

No description

Find a file

Kuniyuki Iwashima 1d8a87d6b6 tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). commit `d38afeec26` upstream. Originally, inet6_sk(sk)->XXX were changed under lock_sock(), so we were able to clean them up by calling inet6_destroy_sock() during the IPv6 -> IPv4 conversion by IPV6_ADDRFORM. However, commit `03485f2adc` ("udpv6: Add lockless sendmsg() support") added a lockless memory allocation path, which could cause a memory leak: setsockopt(IPV6_ADDRFORM) sendmsg() +-----------------------+ +-------+ - do_ipv6_setsockopt(sk, ...) - udpv6_sendmsg(sk, ...) - sockopt_lock_sock(sk) ^._ called via udpv6_prot - lock_sock(sk) before WRITE_ONCE() - WRITE_ONCE(sk->sk_prot, &tcp_prot) - inet6_destroy_sock() - if (!corkreq) - sockopt_release_sock(sk) - ip6_make_skb(sk, ...) - release_sock(sk) ^._ lockless fast path for the non-corking case - __ip6_append_data(sk, ...) - ipv6_local_rxpmtu(sk, ...) - xchg(&np->rxpmtu, skb) ^._ rxpmtu is never freed. - goto out_no_dst; - lock_sock(sk) For now, rxpmtu is only the case, but not to miss the future change and a similar bug fixed in commit `e27326009a` ("net: ping6: Fix memleak in ipv6_renew_options()."), let's set a new function to IPv6 sk->sk_destruct() and call inet6_cleanup_sock() there. Since the conversion does not change sk->sk_destruct(), we can guarantee that we can clean up IPv6 resources finally. We can now remove all inet6_destroy_sock() calls from IPv6 protocol specific ->destroy() functions, but such changes are invasive to backport. So they can be posted as a follow-up later for net-next. Fixes: `03485f2adc` ("udpv6: Add lockless sendmsg() support") Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Ziyang Xuan <william.xuanziyang@huawei.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2023-04-26 11:21:52 +02:00
arch	x86/purgatory: Don't generate debug info for purgatory.ro	2023-04-26 11:21:52 +02:00
block	block: bio-integrity: Copy flags when bio_integrity_payload is cloned	2023-03-11 16:31:33 +01:00
certs	certs/blacklist_hashes.c: fix const confusion in certs blacklist	2022-06-25 11:49:16 +02:00
crypto	verify_pefile: relax wrapper length check	2023-04-20 12:04:40 +02:00
Documentation	ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard	2023-04-20 12:04:39 +02:00
drivers	memstick: fix memory leak if card device is never registered	2023-04-26 11:21:52 +02:00
firmware	Fix built-in early-load Intel microcode alignment	2020-01-23 08:21:29 +01:00
fs	ext4: fix use-after-free in ext4_xattr_set_entry	2023-04-26 11:21:52 +02:00
include	tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().	2023-04-26 11:21:52 +02:00
init	random: handle latent entropy and command line from random_init()	2022-06-25 11:49:11 +02:00
ipc	ipc/sem: Fix dangling sem_array access in semtimedop race	2022-12-08 11:18:35 +01:00
kernel	cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()	2023-04-20 12:04:40 +02:00
lib	lib/mpi: Fix buffer overrun when SG is too long	2023-03-11 16:31:35 +01:00
LICENSES	LICENSES: Remove CC-BY-SA-4.0 license text	2018-10-18 11:28:50 +02:00
mm	mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()	2023-04-20 12:04:39 +02:00
net	tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().	2023-04-26 11:21:52 +02:00
samples	samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe()	2023-01-18 11:30:28 +01:00
scripts	kbuild: generate modules.order only in directories visited by obj-y/m	2023-03-17 08:31:43 +01:00
security	ima: Align ima_file_mmap() parameters with mmap_file LSM hook	2023-03-11 16:31:51 +01:00
sound	ALSA: hda/sigmatel: fix S/PDIF out on Intel D45 motherboards	2023-04-20 12:04:39 +02:00
tools	selftests: sigaltstack: fix -Wuninitialized	2023-04-26 11:21:51 +02:00
usr	initramfs: restore default compression behavior	2020-04-13 10:44:59 +02:00
virt	KVM: arm64: vgic: Fix exit condition in scan_its_table()	2022-11-03 23:52:24 +09:00
.clang-format	clang-format: Set IndentWrappedFunctionNames false	2018-08-01 18:38:51 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap	libnvdimm-for-4.19_misc	2018-08-25 18:13:10 -07:00
COPYING
CREDITS	9p: remove Ron Minnich from MAINTAINERS	2018-08-17 16:20:26 -07:00
Kbuild
Kconfig	kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt	2018-08-02 08:06:55 +09:00
MAINTAINERS	intel-ethernet: rename i40evf to iavf	2023-04-05 11:15:32 +02:00
Makefile	Linux 4.19.281	2023-04-20 12:04:41 +02:00
README

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.