mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 15:18:19 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/ipv6
History
Willem de Bruijn 100f6d8e09 net: correct zerocopy refcnt with udp MSG_MORE 
TCP zerocopy takes a uarg reference for every skb, plus one for the
tcp_sendmsg_locked datapath temporarily, to avoid reaching refcnt zero
as it builds, sends and frees skbs inside its inner loop.

UDP and RAW zerocopy do not send inside the inner loop so do not need
the extra sock_zerocopy_get + sock_zerocopy_put pair. Commit
52900d22288ed ("udp: elide zerocopy operation in hot path") introduced
extra_uref to pass the initial reference taken in sock_zerocopy_alloc
to the first generated skb.

But, sock_zerocopy_realloc takes this extra reference at the start of
every call. With MSG_MORE, no new skb may be generated to attach the
extra_uref to, so refcnt is incorrectly 2 with only one skb.

Do not take the extra ref if uarg && !tcp, which implies MSG_MORE.
Update extra_uref accordingly.

This conditional assignment triggers a false positive may be used
uninitialized warning, so have to initialize extra_uref at define.

Changes v1->v2: fix typo in Fixes SHA1

Fixes: 52900d2228 ("udp: elide zerocopy operation in hot path")
Reported-by: syzbot <syzkaller@googlegroups.com>
Diagnosed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-05-30 15:54:04 -07:00
..
ila treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2019-05-23 14:45:36 -07:00
addrconf.c Validate required parameters in inet6_validate_link_af 2019-05-22 12:07:25 -07:00
addrconf_core.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
addrlabel.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
af_inet6.c net: rework SIOCGSTAMP ioctl handling 2019-04-19 14:07:40 -07:00
ah6.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
anycast.c net/ipv6: compute anycast address hash only if dev is null 2018-11-08 17:04:43 -08:00
calipso.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
datagram.c net: Treat sock->sk_drops as an unsigned int when printing 2019-05-19 10:31:10 -07:00
esp6.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
esp6_offload.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-05-02 22:14:21 -04:00
exthdrs.c ipv6: make ipv6_renew_options() interrupt/kernel safe 2018-07-05 20:15:26 +09:00
exthdrs_core.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
exthdrs_offload.c
fib6_notifier.c
fib6_rules.c ipv6: Use result arg in fib_lookup_arg consistently 2019-04-23 21:53:11 -07:00
fou6.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
icmp.c ipv6: Add rate limit mask for ICMPv6 messages 2019-04-18 16:58:37 -07:00
inet6_connection_sock.c
inet6_hashtables.c net: tcp6: prefer listeners bound to an address 2018-12-14 15:55:20 -08:00
ip6_checksum.c net: udp: fix handling of CHECKSUM_COMPLETE packets 2018-10-24 14:18:16 -07:00
ip6_fib.c ipv6: prevent possible fib6 leaks 2019-05-16 12:21:00 -07:00
ip6_flowlabel.c ipv6/flowlabel: wait rcu grace period before put_pid() 2019-04-29 23:30:13 -04:00
ip6_gre.c net: ip6_gre: fix possible use-after-free in ip6erspan_rcv 2019-04-08 16:16:47 -07:00
ip6_icmp.c
ip6_input.c net: use indirect calls helpers at early demux stage 2019-05-05 10:38:04 -07:00
ip6_offload.c gso: validate gso_type on ipip style tunnels 2019-02-20 11:24:27 -08:00
ip6_offload.h
ip6_output.c net: correct zerocopy refcnt with udp MSG_MORE 2019-05-30 15:54:04 -07:00
ip6_tunnel.c ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type 2019-04-02 13:19:34 -07:00
ip6_udp_tunnel.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
ip6_vti.c xfrm: store xfrm_mode directly, not its address 2019-04-08 09:15:28 +02:00
ip6mr.c rhashtable: use bit_spin_locks to protect hash bucket. 2019-04-07 19:12:12 -07:00
ipcomp6.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
ipv6_sockglue.c ipv6_sockglue: Fix a missing-check bug in ip6_ra_control() 2019-05-25 10:59:45 -07:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile xfrm: make xfrm modes builtin 2019-04-08 09:15:17 +02:00
mcast.c bridge: join all-snoopers multicast address 2019-01-22 17:18:08 -08:00
mcast_snoop.c net: remove unneeded switch fall-through 2019-02-21 13:48:00 -08:00
mip6.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
ndisc.c net ipv6: Prevent neighbor add if protocol is disabled on device 2019-04-17 23:19:07 -07:00
netfilter.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2019-02-18 11:38:30 -08:00
output_core.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
ping.c ipv6: fold sockcm_cookie into ipcm6_cookie 2018-07-07 10:58:49 +09:00
proc.c
protocol.c
raw.c ipv6: Consider sk_bound_dev_if when binding a raw socket to an address 2019-05-21 13:12:39 -07:00
reassembly.c net: remove unused struct inet_frag_queue.fragments field 2019-02-26 08:27:05 -08:00
route.c ipv6: Fix redirect with VRF 2019-05-22 17:58:21 -07:00
seg6.c genetlink: optionally validate strictly/dumps 2019-04-27 17:07:22 -04:00
seg6_hmac.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-07-03 10:29:26 +09:00
seg6_iptunnel.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
seg6_local.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
sit.c vrf: sit mtu should not be updated when vrf netdev is the link 2019-05-07 12:19:19 -07:00
syncookies.c
sysctl_net_ipv6.c
tcp_ipv6.c net: use indirect calls helpers at early demux stage 2019-05-05 10:38:04 -07:00
tcpv6_offload.c net: use indirect call wrappers at GRO transport layer 2018-12-15 13:23:02 -08:00
tunnel6.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
udp.c net: use indirect calls helpers at early demux stage 2019-05-05 10:38:04 -07:00
udp_impl.h udp6: add missing rehash callback to udplite 2019-01-17 15:01:08 -08:00
udp_offload.c net: use indirect call wrappers at GRO transport layer 2018-12-15 13:23:02 -08:00
udplite.c udp6: add missing rehash callback to udplite 2019-01-17 15:01:08 -08:00
xfrm6_input.c net: use skb_sec_path helper in more places 2018-12-19 11:21:37 -08:00
xfrm6_output.c xfrm: store xfrm_mode directly, not its address 2019-04-08 09:15:28 +02:00
xfrm6_policy.c xfrm: remove decode_session indirection from afinfo_policy 2019-04-23 07:42:20 +02:00
xfrm6_protocol.c xfrm: remove unneeded export_symbols 2019-04-23 07:42:20 +02:00
xfrm6_state.c
xfrm6_tunnel.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00