From mboxrd@z Thu Jan 1 00:00:00 1970
From: stranche@codeaurora.org
Subject: Re: [PATCH net] af_key: free SKBs under RCU protection
Date: Mon, 24 Sep 2018 12:46:07 -0600
Message-ID:
References: <1537402712-12875-1-git-send-email-stranche@codeaurora.org> <6d194ac2-15e8-76d7-31d0-b4c4eed68d5a@gmail.com> <357e28c3fa0c7bacaffde4e960f58a87@codeaurora.org> <9a3d8036-9f8c-6e8b-f16c-7c278c448db3@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Content-Transfer-Encoding: 7bit
Cc: netdev@vger.kernel.org, steffen.klassert@secunet.com
To: Eric Dumazet
Return-path:
Received: from smtp.codeaurora.org ([198.145.29.96]:52028 "EHLO smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727290AbeIYAtj (ORCPT ); Mon, 24 Sep 2018 20:49:39 -0400
In-Reply-To: <9a3d8036-9f8c-6e8b-f16c-7c278c448db3@gmail.com>
Sender: netdev-owner@vger.kernel.org
List-ID:

On 2018-09-23 11:15, Eric Dumazet wrote:
> On 09/20/2018 12:25 PM, stranche@codeaurora.org wrote:
>
>> Perhaps a cleaner solution here is to always clone the SKB in
>> pfkey_broadcast_one(). That will ensure that the two kfree_skb() calls
>> in pfkey_broadcast() will never be passed an SKB with sock_rfree() as
>> its destructor, and we can avoid this race condition.
>
> Yes, this whole idea of avoiding the cloning is brain dead.
>
> Better play safe and have a straightforward implementation.
>
> I suggest something like this (I could not reproduce the bug with the
> syzkaller repro).
>
> Note that I removed the sock_hold(sk)/sock_put(sk) pair as this is
> useless.
> The only time GFP_KERNEL might be used is when the sk is already owned
> by the caller.
>
>
> net/key/af_key.c | 40 +++++++++++++++-------------------------
> 1 file changed, 15 insertions(+), 25 deletions(-)

Hi Eric,

That patch works like a charm. Could you upload that as a formal patch?

Thanks for all your help with this.