diff options
| author | Eric Dumazet <[email protected]> | 2023-10-19 11:24:57 +0000 |
|---|---|---|
| committer | Jakub Kicinski <[email protected]> | 2023-10-21 00:40:10 +0000 |
| commit | 72bf4f1767f0386970dc04726dc5bc2e3991dc19 (patch) | |
| tree | 54d6281d53f67bc8de6ec2e40e4606bd4f942e97 /tools/testing/selftests/bpf/progs/recvmsg_unix_prog.c | |
| parent | igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (diff) | |
| download | kernel-72bf4f1767f0386970dc04726dc5bc2e3991dc19.tar.gz kernel-72bf4f1767f0386970dc04726dc5bc2e3991dc19.zip | |
net: do not leave an empty skb in write queue
Under memory stress conditions, tcp_sendmsg_locked()
might call sk_stream_wait_memory(), thus releasing the socket lock.
If a fresh skb has been allocated prior to this,
we should not leave it in the write queue otherwise
tcp_write_xmit() could panic.
This apparently does not happen often, but a future change
in __sk_mem_raise_allocated() that Shakeel and others are
considering would increase chances of being hurt.
Under discussion is to remove this controversial part:
/* Fail only if socket is _under_ its sndbuf.
* In this case we cannot block, so that we have to fail.
*/
if (sk->sk_wmem_queued + size >= sk->sk_sndbuf) {
/* Force charge with __GFP_NOFAIL */
if (memcg_charge && !charged) {
mem_cgroup_charge_skmem(sk->sk_memcg, amt,
gfp_memcg_charge() | __GFP_NOFAIL);
}
return 1;
}
Fixes: fdfc5c8594c2 ("tcp: remove empty skb from write queue in error cases")
Signed-off-by: Eric Dumazet <[email protected]>
Reviewed-by: Shakeel Butt <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Jakub Kicinski <[email protected]>
Diffstat (limited to 'tools/testing/selftests/bpf/progs/recvmsg_unix_prog.c')
0 files changed, 0 insertions, 0 deletions