From: Arnaldo Carvalho de Melo <acme@redhat.com>
To: David Miller <davem@davemloft.net>
Cc: dmgenp@gmail.com, acme@redhat.com, yjwei@cn.fujitsu.com,
netdev@vger.kernel.org
Subject: [PATCH][LLC]: Fix double accounting of received packets
Date: Thu, 29 May 2008 10:44:41 -0300 [thread overview]
Message-ID: <20080529134441.GT30251@ghostprotocols.net> (raw)
In-Reply-To: <20080529.034510.89175399.davem@davemloft.net>
David, please apply.
- Arnaldo
commit 3eb2a480af55fe7494c1601b6b7eda499cd67ddd
Author: Arnaldo Carvalho de Melo <acme@redhat.com>
Date: Thu May 29 10:33:00 2008 -0300
[LLC]: Fix double accounting of received packets
llc_sap_rcv was being preceded by skb_set_owner_r, then calling
llc_state_process that calls sock_queue_rcv_skb, that in turn calls
skb_set_owner_r again making the space allowed to be used by the socket to be
leaked, making the socket to get stuck.
Fix it by setting skb->sk at llc_sap_rcv and leave the accounting to be done
only at sock_queue_rcv_skb.
Reported-by: Dmitry Petukhov <dmgenp@gmail.com>
Tested-by: Dmitry Petukhov <dmgenp@gmail.com>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
diff --git a/net/llc/llc_sap.c b/net/llc/llc_sap.c
index e2ddde7..008de1f 100644
--- a/net/llc/llc_sap.c
+++ b/net/llc/llc_sap.c
@@ -286,12 +286,14 @@ void llc_build_and_send_xid_pkt(struct llc_sap *sap, struct sk_buff *skb,
*
* Sends received pdus to the sap state machine.
*/
-static void llc_sap_rcv(struct llc_sap *sap, struct sk_buff *skb)
+static void llc_sap_rcv(struct llc_sap *sap, struct sk_buff *skb,
+ struct sock *sk)
{
struct llc_sap_state_ev *ev = llc_sap_ev(skb);
ev->type = LLC_SAP_EV_TYPE_PDU;
ev->reason = 0;
+ skb->sk = sk;
llc_sap_state_process(sap, skb);
}
@@ -360,8 +362,7 @@ static void llc_sap_mcast(struct llc_sap *sap,
break;
sock_hold(sk);
- skb_set_owner_r(skb1, sk);
- llc_sap_rcv(sap, skb1);
+ llc_sap_rcv(sap, skb1, sk);
sock_put(sk);
}
read_unlock_bh(&sap->sk_list.lock);
@@ -381,8 +382,7 @@ void llc_sap_handler(struct llc_sap *sap, struct sk_buff *skb)
} else {
struct sock *sk = llc_lookup_dgram(sap, &laddr);
if (sk) {
- skb_set_owner_r(skb, sk);
- llc_sap_rcv(sap, skb);
+ llc_sap_rcv(sap, skb, sk);
sock_put(sk);
} else
kfree_skb(skb);
next prev parent reply other threads:[~2008-05-29 13:44 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-27 7:09 [PATCH 2.6.26-rc4] fix double call of kfree_skb in net/llc/llc_sap.c Dmitry Petukhov
2008-05-27 7:31 ` Wei Yongjun
2008-05-27 8:00 ` Dmitry Petukhov
[not found] ` <84ee89da0805270047v1c76b4f3k5768fe853f2cea1d@mail.gmail.com>
[not found] ` <483BC1B0.2090600@cn.fujitsu.com>
[not found] ` <84ee89da0805270235t7ae75356la2ffbb5244de2f74@mail.gmail.com>
2008-05-28 10:59 ` Dmitry Petukhov
2008-05-28 20:16 ` Arnaldo Carvalho de Melo
2008-05-29 8:51 ` Dmitry Petukhov
2008-05-29 10:45 ` David Miller
2008-05-29 13:44 ` Arnaldo Carvalho de Melo [this message]
2008-05-30 9:57 ` [PATCH][LLC]: Fix double accounting of received packets David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080529134441.GT30251@ghostprotocols.net \
--to=acme@redhat.com \
--cc=davem@davemloft.net \
--cc=dmgenp@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=yjwei@cn.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.