Skip to content

GitLab

Switch branch/tag
History Find file
Clone
mptcp: dispose initial struct socket when its subflow is closed
Florian Westphal authored 
[ Upstream commit 17aee05d ]

Christoph Paasch reported following crash:
dst_release underflow
WARNING: CPU: 0 PID: 1319 at net/core/dst.c:175 dst_release+0xc1/0xd0 net/core/dst.c:175
CPU: 0 PID: 1319 Comm: syz-executor217 Not tainted 5.11.0-rc6af8e85128b4d0d24083c5cac646e891227052e0c #70
Call Trace:
 rt_cache_route+0x12e/0x140 net/ipv4/route.c:1503
 rt_set_nexthop.constprop.0+0x1fc/0x590 net/ipv4/route.c:1612
 __mkroute_output net/ipv4/route.c:2484 [inline]
...

The worker leaves msk->subflow alone even when it
happened to close the subflow ssk associated with it.

Fixes: 866f26f2 ("mptcp: always graft subflow socket to parent")
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/157

Reported-by: default avatarChristoph Paasch <cpaasch@apple.com>
Suggested-by: default avatarPaolo Abeni <pabeni@redhat.com>
Acked-by: default avatarPaolo Abeni <pabeni@redhat.com>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: Mat Martineau...
bda646bb
Name Last commit Last update
Documentation KVM: arm64: Reject VM creation when the default IPA size is unsupported
LICENSES LICENSES: Add the CC-BY-4.0 license
arch KVM: x86/mmu: Set SPTE_AD_WRPROT_ONLY_MASK if and only if PML is enabled
block block: Discard page cache of zone reset target range
certs certs: Fix blacklist flag type confusion
crypto crypto: mips/poly1305 - enable for all MIPS processors
drivers efi: stub: omit SetVirtualAddressMap() if marked unsupported in RT_PROP table
fs io_uring: don't attempt IO reissue from the ring exit path
include mm/memcg: rename mem_cgroup_split_huge_fixup to split_page_memcg and add nr_pages argument
init kgdb: fix to kill breakpoints on initmem after boot
ipc Merge branch 'akpm' (patches from Andrew)
kernel sched: Simplify set_affinity_pending refcounts
lib kasan: fix KASAN_STACK dependency for HW_TAGS
mm mm/page_alloc.c: refactor initialization of struct page for holes in memory layout
net mptcp: dispose initial struct socket when its subflow is closed
samples samples, bpf: Add missing munmap in xdpsock
scripts ftrace: Have recordmcount use w8 to read relp->r_info in arm64_is_fake_mcount
security Revert 95ebabde ("capabilities: Don't allow writing ambiguous v3 file capabilities")
sound ALSA: usb-audio: fix use after free in usb_audio_disconnect
tools perf report: Fix -F for branch & mem modes
usr Merge branch 'work.fdpic' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
virt KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped()
.clang-format clang-format: Update with the latest for_each macro list
.cocciconfig scripts: add Linux .cocciconfig for coccinelle
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl
.gitattributes .gitattributes: use 'dts' diff driver for dts files
.gitignore .gitignore: docs: ignore sphinx_*/ directories
.mailmap MAINTAINERS: update Andrey Ryabinin's email address
COPYING COPYING: state that all contributions really are covered by this file
CREDITS MAINTAINERS: dccp: move Gerrit Renker to CREDITS
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y
Kconfig kbuild: ensure full rebuild when the compiler is updated
MAINTAINERS Merge branch 'for-5.11-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
Makefile Linux 5.11.7
README Drop all 00-INDEX files from Documentation/
README
Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.