AcoSail/kernel_optimize_test
8
0
Fork 0
forked from luck/tmp_suning_uos_patched
Code Pull Requests Activity
5c3e82fe15
kernel_optimize_test/net/sctp
History
Qiujun Huang 5c3e82fe15 sctp: fix refcount bug in sctp_wfree 
We should iterate over the datamsgs to move
all chunks(skbs) to newsk.

The following case cause the bug:
for the trouble SKB, it was in outq->transmitted list

sctp_outq_sack
        sctp_check_transmitted
                SKB was moved to outq->sacked list
        then throw away the sack queue
                SKB was deleted from outq->sacked
(but it was held by datamsg at sctp_datamsg_to_asoc
So, sctp_wfree was not called here)

then migrate happened

        sctp_for_each_tx_datachunk(
        sctp_clear_owner_w);
        sctp_assoc_migrate();
        sctp_for_each_tx_datachunk(
        sctp_set_owner_w);
SKB was not in the outq, and was not changed to newsk

finally

__sctp_outq_teardown
        sctp_chunk_put (for another skb)
                sctp_datamsg_put
                        __kfree_skb(msg->frag_list)
                                sctp_wfree (for SKB)
	SKB->sk was still oldsk (skb->sk != asoc->base.sk).

Reported-and-tested-by: syzbot+cea71eec5d6de256d54d@syzkaller.appspotmail.com
Signed-off-by: Qiujun Huang <hqjagain@gmail.com>
Acked-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-03-29 21:57:30 -07:00
..
associola.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
auth.c sctp: add sctp_auth_init and sctp_auth_free 2019-08-19 18:27:29 -07:00
bind_addr.c sctp: remove rcu_read_lock from sctp_bind_addr_state 2019-07-08 20:18:11 -07:00
chunk.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
debug.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
diag.c inet_diag: return classid for all socket types 2020-03-08 21:57:48 -07:00
endpointola.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
input.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
inqueue.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
ipv6.c net: ipv6: add net argument to ip6_dst_lookup_flow 2019-12-04 12:27:12 -08:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile
objcnt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
offload.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-07 11:00:14 -07:00
output.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
outqueue.c sctp: add enabled check for path tracepoint loop. 2019-12-30 20:33:05 -08:00
primitive.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
proc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
protocol.c sctp: fully initialize v4 addr in some functions 2019-12-09 10:16:39 -08:00
sm_make_chunk.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
sm_sideeffect.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-01-09 12:13:43 -08:00
sm_statefuns.c sctp: move the format error check out of __sctp_sf_do_9_1_abort 2020-02-17 21:56:03 -08:00
sm_statetable.c sctp: remove net sctp.x_enable working as a global switch 2019-08-19 18:27:29 -07:00
socket.c sctp: fix refcount bug in sctp_wfree 2020-03-29 21:57:30 -07:00
stream_interleave.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
stream_sched_prio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
stream_sched_rr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
stream_sched.c sctp: rename asoc intl_enable to asoc peer.intl_capable 2019-07-08 20:16:25 -07:00
stream.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2019-12-31 13:37:13 -08:00
sysctl.c sctp: add support for Primary Path Switchover 2019-11-08 14:18:32 -08:00
transport.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2019-12-31 13:37:13 -08:00
tsnmap.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
ulpevent.c sctp: add SCTP_SEND_FAILED_EVENT event 2019-10-09 17:06:58 -07:00
ulpqueue.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00