microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
WSL2-Linux-Kernel/net/ipv4
История
Wang Yufen 2486ab434b bpf, sockmap: Fix double uncharge the mem of sk_msg 
If tcp_bpf_sendmsg is running during a tear down operation, psock may be
freed.

tcp_bpf_sendmsg()
 tcp_bpf_send_verdict()
  sk_msg_return()
  tcp_bpf_sendmsg_redir()
   unlikely(!psock))
     sk_msg_free()

The mem of msg has been uncharged in tcp_bpf_send_verdict() by
sk_msg_return(), and would be uncharged by sk_msg_free() again. When psock
is null, we can simply returning an error code, this would then trigger
the sk_msg_free_nocharge in the error path of __SK_REDIRECT and would have
the side effect of throwing an error up to user space. This would be a
slight change in behavior from user side but would look the same as an
error if the redirect on the socket threw an error.

This issue can cause the following info:
WARNING: CPU: 0 PID: 2136 at net/ipv4/af_inet.c:155 inet_sock_destruct+0x13c/0x260
Call Trace:
 <TASK>
 __sk_destruct+0x24/0x1f0
 sk_psock_destroy+0x19b/0x1c0
 process_one_work+0x1b3/0x3c0
 worker_thread+0x30/0x350
 ? process_one_work+0x3c0/0x3c0
 kthread+0xe6/0x110
 ? kthread_complete_and_exit+0x20/0x20
 ret_from_fork+0x22/0x30
 </TASK>

Fixes: 604326b41a ("bpf, sockmap: convert to generic sk_msg interface")
Signed-off-by: Wang Yufen <wangyufen@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Link: https://lore.kernel.org/bpf/20220304081145.2037182-5-wangyufen@huawei.com
 		2022-03-15 16:43:31 +01:00
..
bpfilter
netfilter netfilter: conntrack: pptp: use single option structure 2022-02-04 06:30:28 +01:00
Kconfig
Makefile
af_inet.c gso: do not skip outer ip header in case of ipip and net_failover 2022-02-21 11:41:30 +00:00
ah4.c
arp.c net: neigh: add skb drop reasons to arp_error_report() 2022-02-26 12:53:59 +00:00
bpf_tcp_ca.c bpf: reject program if a __user tagged memory accessed in kernel way 2022-01-27 12:03:46 -08:00
cipso_ipv4.c
datagram.c
devinet.c net: Add new protocol attribute to IP addresses 2022-02-18 21:20:06 -08:00
esp4.c Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" 2022-01-27 07:34:06 +01:00
esp4_offload.c net: move gro definitions to include/net/gro.h 2021-11-16 13:16:54 +00:00
fib_frontend.c ipv4: Invalidate neighbour for broadcast address upon address addition 2022-02-21 11:44:30 +00:00
fib_lookup.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-02-17 11:44:20 -08:00
fib_notifier.c
fib_rules.c ipv4: Reject again rules with high DSCP values 2022-02-10 15:33:33 +00:00
fib_semantics.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-02-17 11:44:20 -08:00
fib_trie.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-02-17 11:44:20 -08:00
fou.c gro: remove rcu_read_lock/rcu_read_unlock from gro_complete handlers 2021-11-24 17:21:42 -08:00
gre_demux.c
gre_offload.c gro: remove rcu_read_lock/rcu_read_unlock from gro_complete handlers 2021-11-24 17:21:42 -08:00
icmp.c ipv4: do not use per netns icmp sockets 2022-01-25 11:25:21 +00:00
igmp.c ipv4: drop unused assignment 2021-11-14 12:20:44 +00:00
inet_connection_sock.c tcp: Use BPF timeout setting for SYN ACK RTO 2022-02-02 14:45:18 +00:00
inet_diag.c inet_diag: fix kernel-infoleak for UDP sockets 2021-12-10 21:14:49 -08:00
inet_fragment.c net: ip: Handle delivery_time in ip defrag 2022-03-03 14:38:48 +00:00
inet_hashtables.c tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH. 2022-02-09 21:28:36 -08:00
inet_timewait_sock.c tcp: allocate tcp_death_row outside of struct netns_ipv4 2022-01-26 19:00:31 -08:00
inetpeer.c
ip_forward.c net: Add skb_clear_tstamp() to keep the mono delivery_time 2022-03-03 14:38:48 +00:00
ip_fragment.c net: ip: Handle delivery_time in ip defrag 2022-03-03 14:38:48 +00:00
ip_gre.c gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst() 2022-01-11 20:36:08 -08:00
ip_input.c net: Postpone skb_clear_delivery_time() until knowing the skb is delivered locally 2022-03-03 14:38:48 +00:00
ip_options.c ipv4: drop fragmentation code from ip_options_build() 2022-01-29 17:53:07 +00:00
ip_output.c net: Set skb->mono_delivery_time and clear it after sch_handle_ingress() 2022-03-03 14:38:48 +00:00
ip_sockglue.c ipv4: Exposing __ip_sock_set_tos() in ip.h 2021-11-20 14:11:00 +00:00
ip_tunnel.c
ip_tunnel_core.c
ip_vti.c
ipcomp.c
ipconfig.c
ipip.c
ipmr.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-02-10 17:29:56 -08:00
ipmr_base.c
metrics.c
netfilter.c
netlink.c
nexthop.c nexthop: change nexthop_net_exit() to nexthop_net_exit_batch() 2022-02-08 20:41:33 -08:00
ping.c ping: remove pr_err from ping_lookup 2022-02-24 09:18:29 -08:00
proc.c tcp: allocate tcp_death_row outside of struct netns_ipv4 2022-01-26 19:00:31 -08:00
protocol.c
raw.c Networking fixes for 5.17-rc2, including fixes from netfilter and can. 2022-01-27 20:58:39 +02:00
raw_diag.c
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-02-17 11:44:20 -08:00
syncookies.c net: align static siphash keys 2021-11-16 19:07:54 -08:00
sysctl_net_ipv4.c tcp: allocate tcp_death_row outside of struct netns_ipv4 2022-01-26 19:00:31 -08:00
tcp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-03-03 11:55:12 -08:00
tcp_bbr.c bpf: Remove check_kfunc_call callback and old kfunc BTF ID API 2022-01-18 14:26:41 -08:00
tcp_bic.c
tcp_bpf.c bpf, sockmap: Fix double uncharge the mem of sk_msg 2022-03-15 16:43:31 +01:00
tcp_cdg.c
tcp_cong.c
tcp_cubic.c bpf: Remove check_kfunc_call callback and old kfunc BTF ID API 2022-01-18 14:26:41 -08:00
tcp_dctcp.c bpf: Remove check_kfunc_call callback and old kfunc BTF ID API 2022-01-18 14:26:41 -08:00
tcp_dctcp.h
tcp_diag.c
tcp_fastopen.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
tcp_input.c net: tcp: use tcp_drop_reason() for tcp_data_queue_ofo() 2022-02-20 13:55:31 +00:00
tcp_ipv4.c net/tcp: Merge TCP-MD5 inbound callbacks 2022-02-24 21:43:53 -08:00
tcp_lp.c
tcp_metrics.c
tcp_minisocks.c tcp: Use BPF timeout setting for SYN ACK RTO 2022-02-02 14:45:18 +00:00
tcp_nv.c
tcp_offload.c net: move gro definitions to include/net/gro.h 2021-11-16 13:16:54 +00:00
tcp_output.c net: Add skb->mono_delivery_time to distinguish mono delivery_time from (rcv) timestamp 2022-03-03 14:38:48 +00:00
tcp_rate.c
tcp_recovery.c
tcp_scalable.c
tcp_timer.c
tcp_ulp.c
tcp_vegas.c
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tunnel4.c
udp.c net: udp: use kfree_skb_reason() in __udp_queue_rcv_skb() 2022-02-07 11:18:49 +00:00
udp_bpf.c
udp_diag.c
udp_impl.h
udp_offload.c gro: remove rcu_read_lock/rcu_read_unlock from gro_complete handlers 2021-11-24 17:21:42 -08:00
udp_tunnel_core.c
udp_tunnel_nic.c udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() 2022-02-23 12:35:00 +00:00
udp_tunnel_stub.c
udplite.c
xfrm4_input.c
xfrm4_output.c
xfrm4_policy.c xfrm: use net device refcount tracker helpers 2021-12-09 11:51:45 -08:00
xfrm4_protocol.c
xfrm4_state.c
xfrm4_tunnel.c