| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200109115749.12283-1-lmb@cloudflare.com>
Date: Thu, 9 Jan 2020 11:57:47 +0000
From: Lorenz Bauer <lmb@...udflare.com>
To: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
"David S. Miller" <davem@...emloft.net>,
Lorenz Bauer <lmb@...udflare.com>,
Martin KaFai Lau <kafai@...com>,
Joe Stringer <joe@...valent.com>, netdev@...r.kernel.org,
bpf@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: kernel-team@...udflare.com, edumazet@...gle.com
Subject: [PATCH bpf 0/1] Fix memory leak in helpers dealing with sockets
While rolling out a new BPF based TC classifier I hit a memory leak, which
manifests in large numbers of request and time wait sockets not being released.
The root cause is that the current BPF helpers dealing with sockets are naive:
they assume that sk->sk_flags is always valid. struct request_sock and
struct inet_timewait_sock break this.
I've fixed this up by adding a helper that checks sk_state in addition to sk_flags.
The solution is a bit clumsy: it encapsulates details of struct sock in BPF.
It would probably be nicer to have a sock_gen_put + SOCK_RCU_FREE function exposed
in sock.h, but that might be too big a change for backports.
Thoughts?
Lorenz Bauer (1):
net: bpf: don't leak time wait and request sockets
net/core/filter.c | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
--
2.20.1
Powered by blists - more mailing lists