John Fastabend 9635720b7c bpf, sockmap: Fix memleak on ingress msg enqueue ... If backlog handler is running during a tear down operation we may enqueue data on the ingress msg queue while tear down is trying to free it. sk_psock_backlog() sk_psock_handle_skb() skb_psock_skb_ingress() sk_psock_skb_ingress_enqueue() sk_psock_queue_msg(psock,msg) spin_lock(ingress_lock) sk_psock_zap_ingress() _sk_psock_purge_ingerss_msg() _sk_psock_purge_ingress_msg() -- free ingress_msg list -- spin_unlock(ingress_lock) spin_lock(ingress_lock) list_add_tail(msg,ingress_msg) <- entry on list with no one left to free it. spin_unlock(ingress_lock) To fix we only enqueue from backlog if the ENABLED bit is set. The tear down logic clears the bit with ingress_lock set so we wont enqueue the msg in the last step. Fixes: 799aa7f98d ("skmsg: Avoid lock_sock() in sk_psock_backlog()") Signed-off-by: John Fastabend <john.fastabend@gmail.com> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Acked-by: Jakub Sitnicki <jakub@cloudflare.com> Acked-by: Martin KaFai Lau <kafai@fb.com> Link: https://lore.kernel.org/bpf/20210727160500.1713554-4-john.fastabend@gmail.com		2021-07-27 14:55:30 -07:00
..
bpf_sk_storage.c	bpf: Use struct_size() in kzalloc()	2021-05-13 15:58:00 -07:00
datagram.c	udp: fix skb_copy_and_csum_datagram with odd segment sizes	2021-02-04 18:56:56 -08:00
datagram.h
dev.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf	2021-07-15 14:39:45 -07:00
dev_addr_lists.c	net: core: Correct function name dev_uc_flush() in the kerneldoc	2021-03-28 17:56:56 -07:00
dev_ioctl.c	net: fix dev_ifsioc_locked() race condition	2021-02-11 18:14:19 -08:00
devlink.c	devlink: Protect rate list with lock while switching modes	2021-06-23 15:46:25 -07:00
drop_monitor.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-03-25 15:31:22 -07:00
dst.c	net, bpf: Fix ip6ip6 crash with collect_md populated skbs	2021-03-10 12:24:18 -08:00
dst_cache.c
failover.c
fib_notifier.c
fib_rules.c	fib: Return the correct errno code	2021-06-03 15:13:56 -07:00
filter.c	Networking changes for 5.14.	2021-06-30 15:51:09 -07:00
flow_dissector.c	net: flow_dissector: fix RPS on DSA masters	2021-06-14 13:15:22 -07:00
flow_offload.c	net: flow_offload: Fix memory leak for indirect flow block	2020-12-09 16:08:33 -08:00
gen_estimator.c	net_sched: gen_estimator: support large ewma log	2021-01-15 18:11:06 -08:00
gen_stats.c
gro_cells.c	gro_cells: reduce number of synchronize_net() calls	2020-11-25 11:28:12 -08:00
hwbm.c
link_watch.c
lwt_bpf.c	lwt_bpf: Replace preempt_disable() with migrate_disable()	2020-12-07 11:53:40 -08:00
lwtunnel.c
Makefile	net: selftest: fix build issue if INET is disabled	2021-04-28 14:06:45 -07:00
neighbour.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-06-18 19:47:02 -07:00
net-procfs.c	net: move the ptype_all and ptype_base declarations to include/linux/netdevice.h	2021-03-22 13:14:45 -07:00
net-sysfs.c	net-sysfs: remove possible sleep from an RCU read-side critical section	2021-03-22 13:28:13 -07:00
net-sysfs.h
net-traces.c	tcp: add tracepoint for checksum errors	2021-05-14 15:26:03 -07:00
net_namespace.c	net: inline function get_net_ns_by_fd if NET_NS is disabled	2021-06-15 11:00:45 -07:00
netclassid_cgroup.c	net: Remove the err argument from sock_from_file	2020-12-04 22:32:40 +01:00
netevent.c	net: core: Correct function name netevent_unregister_notifier() in the kerneldoc	2021-03-28 17:56:56 -07:00
netpoll.c	asm-generic/unaligned: Unify asm/unaligned.h around struct helper	2021-07-02 12:43:40 -07:00
netprio_cgroup.c	net: Remove the err argument from sock_from_file	2020-12-04 22:32:40 +01:00
page_pool.c	page_pool: Allow drivers to hint on SKB recycling	2021-06-07 14:11:47 -07:00
pktgen.c	pktgen: add pktgen_handle_all_threads() for the same code	2021-06-07 13:15:31 -07:00
ptp_classifier.c
request_sock.c
rtnetlink.c	net: say "local" instead of "static" addresses in ndo_dflt_fdb_{add,del}	2021-06-29 11:31:57 -07:00
scm.c	scm: fix a typo in put_cmsg()	2021-04-16 11:41:07 -07:00
secure_seq.c
selftests.c	net: add generic selftest support	2021-04-20 16:08:02 -07:00
skbuff.c	skbuff: Release nfct refcount on napi stolen or re-used skbs	2021-07-06 10:26:29 -07:00
skmsg.c	bpf, sockmap: Fix memleak on ingress msg enqueue	2021-07-27 14:55:30 -07:00
sock.c	sock: unlock on error in sock_setsockopt()	2021-07-07 20:49:12 -07:00
sock_diag.c
sock_map.c	bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc	2021-06-22 10:14:29 -07:00
sock_reuseport.c	tcp: Add stats for socket migration.	2021-06-23 12:56:08 -07:00
stream.c
sysctl_net_core.c	net: change netdev_unregister_timeout_secs min value to 1	2021-03-25 17:24:06 -07:00
timestamping.c
tso.c
utils.c
xdp.c	xdp: Move the rxq_info.mem clearing to unreg_mem_model()	2021-06-28 23:07:59 +02:00