From: Paolo Abeni Date: Tue, 17 Oct 2023 15:49:51 +0000 (+0200) Subject: tcp_bpf: properly release resources on error paths X-Git-Tag: v6.1.63~593 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2efcdbef13c9e0f73c8cecb84cbe387eb8e4b453;p=sdk%2Femulator%2Femulator-kernel.git tcp_bpf: properly release resources on error paths [ Upstream commit 68b54aeff804acceb02f228ea2e28419272c1fb9 ] In the blamed commit below, I completely forgot to release the acquired resources before erroring out in the TCP BPF code, as reported by Dan. Address the issues by replacing the bogus return with a jump to the relevant cleanup code. Fixes: 419ce133ab92 ("tcp: allow again tcp_disconnect() when threads are waiting") Reported-by: Dan Carpenter Signed-off-by: Paolo Abeni Acked-by: Jakub Sitnicki Reviewed-by: Eric Dumazet Reviewed-by: John Fastabend Link: https://lore.kernel.org/r/8f99194c698bcef12666f0a9a999c58f8b1cb52c.1697557782.git.pabeni@redhat.com Signed-off-by: Jakub Kicinski Signed-off-by: Sasha Levin --- diff --git a/net/ipv4/tcp_bpf.c b/net/ipv4/tcp_bpf.c index cb4549db8bcf..f8037d142bb7 100644 --- a/net/ipv4/tcp_bpf.c +++ b/net/ipv4/tcp_bpf.c @@ -302,8 +302,10 @@ msg_bytes_ready: } data = tcp_msg_wait_data(sk, psock, timeo); - if (data < 0) - return data; + if (data < 0) { + copied = data; + goto unlock; + } if (data && !sk_psock_queue_empty(psock)) goto msg_bytes_ready; copied = -EAGAIN; @@ -314,6 +316,8 @@ out: tcp_rcv_space_adjust(sk); if (copied > 0) __tcp_cleanup_rbuf(sk, copied); + +unlock: release_sock(sk); sk_psock_put(sk, psock); return copied; @@ -348,8 +352,10 @@ msg_bytes_ready: timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); data = tcp_msg_wait_data(sk, psock, timeo); - if (data < 0) - return data; + if (data < 0) { + ret = data; + goto unlock; + } if (data) { if (!sk_psock_queue_empty(psock)) goto msg_bytes_ready; @@ -360,6 +366,8 @@ msg_bytes_ready: copied = -EAGAIN; } ret = copied; + +unlock: release_sock(sk); sk_psock_put(sk, psock); return ret;