tcp: properly handle md5sig_pool references
tcp_v4_clear_md5_list() assumes that multiple tcp md5sig peers only hold one reference to md5sig_pool. but tcp_v4_md5_do_add() increases use count of md5sig_pool for each peer. This patch makes tcp_v4_md5_do_add() only increases use count for the first tcp md5sig peer. Signed-off-by: Zheng Yan <zheng.z.yan@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
cb2d0f3e96
commit
260fcbeb1a
|
@ -927,17 +927,20 @@ int tcp_v4_md5_do_add(struct sock *sk, __be32 addr,
|
||||||
}
|
}
|
||||||
sk_nocaps_add(sk, NETIF_F_GSO_MASK);
|
sk_nocaps_add(sk, NETIF_F_GSO_MASK);
|
||||||
}
|
}
|
||||||
if (tcp_alloc_md5sig_pool(sk) == NULL) {
|
|
||||||
|
md5sig = tp->md5sig_info;
|
||||||
|
if (md5sig->entries4 == 0 &&
|
||||||
|
tcp_alloc_md5sig_pool(sk) == NULL) {
|
||||||
kfree(newkey);
|
kfree(newkey);
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
md5sig = tp->md5sig_info;
|
|
||||||
|
|
||||||
if (md5sig->alloced4 == md5sig->entries4) {
|
if (md5sig->alloced4 == md5sig->entries4) {
|
||||||
keys = kmalloc((sizeof(*keys) *
|
keys = kmalloc((sizeof(*keys) *
|
||||||
(md5sig->entries4 + 1)), GFP_ATOMIC);
|
(md5sig->entries4 + 1)), GFP_ATOMIC);
|
||||||
if (!keys) {
|
if (!keys) {
|
||||||
kfree(newkey);
|
kfree(newkey);
|
||||||
|
if (md5sig->entries4 == 0)
|
||||||
tcp_free_md5sig_pool();
|
tcp_free_md5sig_pool();
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
|
@ -982,6 +985,7 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
|
||||||
kfree(tp->md5sig_info->keys4);
|
kfree(tp->md5sig_info->keys4);
|
||||||
tp->md5sig_info->keys4 = NULL;
|
tp->md5sig_info->keys4 = NULL;
|
||||||
tp->md5sig_info->alloced4 = 0;
|
tp->md5sig_info->alloced4 = 0;
|
||||||
|
tcp_free_md5sig_pool();
|
||||||
} else if (tp->md5sig_info->entries4 != i) {
|
} else if (tp->md5sig_info->entries4 != i) {
|
||||||
/* Need to do some manipulation */
|
/* Need to do some manipulation */
|
||||||
memmove(&tp->md5sig_info->keys4[i],
|
memmove(&tp->md5sig_info->keys4[i],
|
||||||
|
@ -989,7 +993,6 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
|
||||||
(tp->md5sig_info->entries4 - i) *
|
(tp->md5sig_info->entries4 - i) *
|
||||||
sizeof(struct tcp4_md5sig_key));
|
sizeof(struct tcp4_md5sig_key));
|
||||||
}
|
}
|
||||||
tcp_free_md5sig_pool();
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -591,7 +591,8 @@ static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer,
|
||||||
}
|
}
|
||||||
sk_nocaps_add(sk, NETIF_F_GSO_MASK);
|
sk_nocaps_add(sk, NETIF_F_GSO_MASK);
|
||||||
}
|
}
|
||||||
if (tcp_alloc_md5sig_pool(sk) == NULL) {
|
if (tp->md5sig_info->entries6 == 0 &&
|
||||||
|
tcp_alloc_md5sig_pool(sk) == NULL) {
|
||||||
kfree(newkey);
|
kfree(newkey);
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
|
@ -600,8 +601,9 @@ static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer,
|
||||||
(tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
|
(tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
|
||||||
|
|
||||||
if (!keys) {
|
if (!keys) {
|
||||||
tcp_free_md5sig_pool();
|
|
||||||
kfree(newkey);
|
kfree(newkey);
|
||||||
|
if (tp->md5sig_info->entries6 == 0)
|
||||||
|
tcp_free_md5sig_pool();
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -647,6 +649,7 @@ static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer)
|
||||||
kfree(tp->md5sig_info->keys6);
|
kfree(tp->md5sig_info->keys6);
|
||||||
tp->md5sig_info->keys6 = NULL;
|
tp->md5sig_info->keys6 = NULL;
|
||||||
tp->md5sig_info->alloced6 = 0;
|
tp->md5sig_info->alloced6 = 0;
|
||||||
|
tcp_free_md5sig_pool();
|
||||||
} else {
|
} else {
|
||||||
/* shrink the database */
|
/* shrink the database */
|
||||||
if (tp->md5sig_info->entries6 != i)
|
if (tp->md5sig_info->entries6 != i)
|
||||||
|
@ -655,7 +658,6 @@ static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer)
|
||||||
(tp->md5sig_info->entries6 - i)
|
(tp->md5sig_info->entries6 - i)
|
||||||
* sizeof (tp->md5sig_info->keys6[0]));
|
* sizeof (tp->md5sig_info->keys6[0]));
|
||||||
}
|
}
|
||||||
tcp_free_md5sig_pool();
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue