[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3eb282be85ab035e36c80d73949c33868e698d43.camel@redhat.com>
Date: Fri, 08 Mar 2024 12:10:54 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Eric Dumazet <edumazet@...gle.com>
Cc: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski
<kuba@...nel.org>, netdev@...r.kernel.org, eric.dumazet@...il.com, Martin
KaFai Lau <kafai@...com>, Joe Stringer <joe@...d.net.nz>, Alexei
Starovoitov <ast@...nel.org>, Willem de Bruijn
<willemdebruijn.kernel@...il.com>, Kuniyuki Iwashima <kuniyu@...zon.com>,
Florian Westphal <fw@...len.de>
Subject: Re: [PATCH net-next] udp: no longer touch sk->sk_refcnt in early
demux
On Fri, 2024-03-08 at 10:21 +0100, Eric Dumazet wrote:
> > > diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> > > index a8acea17b4e5344d022ae8f8eb674d1a36f8035a..e43ad1d846bdc2ddf5767606b78bbd055f692aa8 100644
> > > --- a/net/ipv4/udp.c
> > > +++ b/net/ipv4/udp.c
> > > @@ -2570,11 +2570,12 @@ int udp_v4_early_demux(struct sk_buff *skb)
> > > uh->source, iph->saddr, dif, sdif);
> > > }
> > >
> > > - if (!sk || !refcount_inc_not_zero(&sk->sk_refcnt))
> > > + if (!sk)
> > > return 0;
> > >
> > > skb->sk = sk;
> > > - skb->destructor = sock_efree;
> > > + DEBUG_NET_WARN_ON_ONCE(sk_is_refcounted(sk));
> > > + skb->destructor = sock_pfree;
> >
> > I *think* that the skb may escape the current rcu section if e.g. if
> > matches a nf dup target in the input tables.
>
> You mean the netfilter queueing stuff perhaps ?
>
> This is already safe, it uses a refcount_inc_not_zero(&sk->sk_refcnt):
>
> if (skb_sk_is_prefetched(skb)) {
> struct sock *sk = skb->sk;
>
> if (!sk_is_refcounted(sk)) {
> if (!refcount_inc_not_zero(&sk->sk_refcnt))
> return -ENOTCONN;
>
> /* drop refcount on skb_orphan */
> skb->destructor = sock_edemux;
> }
> }
>
> I would think a duplicate can not duplicate skb->sk in general, or must also
> attempt an refcount_inc_not_zero(&sk->sk_refcnt) and use a related destructor.
Right, looks safe.
Acked-by: Paolo Abeni <pabeni@...hat.com>
Powered by blists - more mailing lists