Message ID | 20170622190341.87998-1-tracywwnj@gmail.com |
---|---|
State | Changes Requested, archived |
Delegated to: | David Miller |
Headers | show |
So this is clearly an improvement over the current state of things. However, I think there is still a very slight race condition in the error case, since I imagine udp early demux might find the socket while ip6_datagram_dst_update() is running. It's possible that inet_dport assignment could simply be postponed until after the ip6_datagram_dst_update() call. Another possibility would be to make the early demux code only capable of finding TCP_ESTABLISHED sockets. That said, I'm not sure what the right call would be.
From: Wei Wang <tracywwnj@gmail.com> Date: Thu, 22 Jun 2017 12:03:41 -0700 > From: Wei Wang <weiwan@google.com> > > In __ip6_datagram_connect(), reset sk->sk_v6_daddr and inet->dport if > error occurs so that udp_v6_early_demux() won't consider this socket > as a valid candidate for early demux. > > v2: fix compilation error > > Signed-off-by: Wei Wang <weiwan@google.com> > Acked-by: Maciej Żenczykowski <maze@google.com> Please also add a state test against TCP_ESTABLISHED in UDP v6 early demux to close this race completely. Thanks.
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c index e011122ebd43..5c786f5ab961 100644 --- a/net/ipv6/datagram.c +++ b/net/ipv6/datagram.c @@ -250,8 +250,14 @@ int __ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, */ err = ip6_datagram_dst_update(sk, true); - if (err) + if (err) { + /* Reset daddr and dport so that udp_v6_early_demux() + * fails to find this socket + */ + memset(&sk->sk_v6_daddr, 0, sizeof(sk->sk_v6_daddr)); + inet->inet_dport = 0; goto out; + } sk->sk_state = TCP_ESTABLISHED; sk_set_txhash(sk);