diff mbox series

[net,2/2] net: Flush deferred skb free on socket destroy

Message ID 20220117092733.6627-3-gal@nvidia.com (mailing list archive)
State Accepted
Commit 79074a72d335dbd021a716d8cc65cba3b2f706ab
Delegated to: Netdev Maintainers
Headers show
Series Couple of skb memory leak fixes | expand

Checks

Context Check Description
netdev/tree_selection success Clearly marked for net
netdev/fixes_present success Fixes tag present in non-next series
netdev/subject_prefix success Link
netdev/cover_letter success Series has a cover letter
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 6 this patch: 6
netdev/cc_maintainers success CCed 4 of 4 maintainers
netdev/build_clang success Errors and warnings before: 22 this patch: 22
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 11 this patch: 11
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 9 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Gal Pressman Jan. 17, 2022, 9:27 a.m. UTC 
The cited Fixes patch moved to a deferred skb approach where the skbs
are not freed immediately under the socket lock.  Add a WARN_ON_ONCE()
to verify the deferred list is empty on socket destroy, and empty it to
prevent potential memory leaks.

Fixes: f35f821935d8 ("tcp: defer skb freeing after socket lock is released")
Signed-off-by: Gal Pressman <gal@nvidia.com>
---
 net/core/sock.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Heiko Carstens Jan. 23, 2022, 9:50 a.m. UTC | #1 
On Mon, Jan 17, 2022 at 11:27:33AM +0200, Gal Pressman wrote:
> The cited Fixes patch moved to a deferred skb approach where the skbs
> are not freed immediately under the socket lock.  Add a WARN_ON_ONCE()
> to verify the deferred list is empty on socket destroy, and empty it to
> prevent potential memory leaks.
> 
> Fixes: f35f821935d8 ("tcp: defer skb freeing after socket lock is released")
> Signed-off-by: Gal Pressman <gal@nvidia.com>
> ---
>  net/core/sock.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/net/core/sock.c b/net/core/sock.c
> index f32ec08a0c37..4ff806d71921 100644
> --- a/net/core/sock.c
> +++ b/net/core/sock.c
> @@ -2049,6 +2049,9 @@ void sk_destruct(struct sock *sk)
>  {
>  	bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
>  
> +	WARN_ON_ONCE(!llist_empty(&sk->defer_list));
> +	sk_defer_free_flush(sk);
> +

This leads to a link error if CONFIG_INET is not set:

s390x-11.2.0-ld: net/core/sock.o: in function `sk_defer_free_flush':
linux/./include/net/tcp.h:1378: undefined reference to `__sk_defer_free_flush'
make: *** [Makefile:1155: vmlinux] Error 1
Gal Pressman Jan. 23, 2022, 9:53 a.m. UTC | #2 
On 23/01/2022 11:50, Heiko Carstens wrote:
> On Mon, Jan 17, 2022 at 11:27:33AM +0200, Gal Pressman wrote:
>> The cited Fixes patch moved to a deferred skb approach where the skbs
>> are not freed immediately under the socket lock.  Add a WARN_ON_ONCE()
>> to verify the deferred list is empty on socket destroy, and empty it to
>> prevent potential memory leaks.
>>
>> Fixes: f35f821935d8 ("tcp: defer skb freeing after socket lock is released")
>> Signed-off-by: Gal Pressman <gal@nvidia.com>
>> ---
>>  net/core/sock.c | 3 +++
>>  1 file changed, 3 insertions(+)
>>
>> diff --git a/net/core/sock.c b/net/core/sock.c
>> index f32ec08a0c37..4ff806d71921 100644
>> --- a/net/core/sock.c
>> +++ b/net/core/sock.c
>> @@ -2049,6 +2049,9 @@ void sk_destruct(struct sock *sk)
>>  {
>>  	bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
>>  
>> +	WARN_ON_ONCE(!llist_empty(&sk->defer_list));
>> +	sk_defer_free_flush(sk);
>> +
> This leads to a link error if CONFIG_INET is not set:
>
> s390x-11.2.0-ld: net/core/sock.o: in function `sk_defer_free_flush':
> linux/./include/net/tcp.h:1378: undefined reference to `__sk_defer_free_flush'
> make: *** [Makefile:1155: vmlinux] Error 1

Thanks, it is fixed in:

https://lore.kernel.org/netdev/20220120123440.9088-1-gal@nvidia.com/
diff mbox series

Patch

diff --git a/net/core/sock.c b/net/core/sock.c
index f32ec08a0c37..4ff806d71921 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -2049,6 +2049,9 @@  void sk_destruct(struct sock *sk)
 {
 	bool use_call_rcu = sock_flag(sk, SOCK_RCU_FREE);
 
+	WARN_ON_ONCE(!llist_empty(&sk->defer_list));
+	sk_defer_free_flush(sk);
+
 	if (rcu_access_pointer(sk->sk_reuseport_cb)) {
 		reuseport_detach_sock(sk);
 		use_call_rcu = true;