diff options
author | Yan, Zheng <zheng.z.yan@intel.com> | 2011-09-29 13:10:10 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2011-10-04 23:31:24 -0400 |
commit | 260fcbeb1ae9e768a44c9925338fbacb0d7e5ba9 (patch) | |
tree | 741dea73d68eca24c8d515bb7091cbedb77192a4 | |
parent | cb2d0f3e968bff7c6d262aca3e3ab8d4184e69b2 (diff) |
tcp: properly handle md5sig_pool references
tcp_v4_clear_md5_list() assumes that multiple tcp md5sig peers
only hold one reference to md5sig_pool. but tcp_v4_md5_do_add()
increases use count of md5sig_pool for each peer. This patch
makes tcp_v4_md5_do_add() only increases use count for the first
tcp md5sig peer.
Signed-off-by: Zheng Yan <zheng.z.yan@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/ipv4/tcp_ipv4.c | 11 | ||||
-rw-r--r-- | net/ipv6/tcp_ipv6.c | 8 |
2 files changed, 12 insertions, 7 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index c34f01513945..7963e03f1068 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c | |||
@@ -927,18 +927,21 @@ int tcp_v4_md5_do_add(struct sock *sk, __be32 addr, | |||
927 | } | 927 | } |
928 | sk_nocaps_add(sk, NETIF_F_GSO_MASK); | 928 | sk_nocaps_add(sk, NETIF_F_GSO_MASK); |
929 | } | 929 | } |
930 | if (tcp_alloc_md5sig_pool(sk) == NULL) { | 930 | |
931 | md5sig = tp->md5sig_info; | ||
932 | if (md5sig->entries4 == 0 && | ||
933 | tcp_alloc_md5sig_pool(sk) == NULL) { | ||
931 | kfree(newkey); | 934 | kfree(newkey); |
932 | return -ENOMEM; | 935 | return -ENOMEM; |
933 | } | 936 | } |
934 | md5sig = tp->md5sig_info; | ||
935 | 937 | ||
936 | if (md5sig->alloced4 == md5sig->entries4) { | 938 | if (md5sig->alloced4 == md5sig->entries4) { |
937 | keys = kmalloc((sizeof(*keys) * | 939 | keys = kmalloc((sizeof(*keys) * |
938 | (md5sig->entries4 + 1)), GFP_ATOMIC); | 940 | (md5sig->entries4 + 1)), GFP_ATOMIC); |
939 | if (!keys) { | 941 | if (!keys) { |
940 | kfree(newkey); | 942 | kfree(newkey); |
941 | tcp_free_md5sig_pool(); | 943 | if (md5sig->entries4 == 0) |
944 | tcp_free_md5sig_pool(); | ||
942 | return -ENOMEM; | 945 | return -ENOMEM; |
943 | } | 946 | } |
944 | 947 | ||
@@ -982,6 +985,7 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr) | |||
982 | kfree(tp->md5sig_info->keys4); | 985 | kfree(tp->md5sig_info->keys4); |
983 | tp->md5sig_info->keys4 = NULL; | 986 | tp->md5sig_info->keys4 = NULL; |
984 | tp->md5sig_info->alloced4 = 0; | 987 | tp->md5sig_info->alloced4 = 0; |
988 | tcp_free_md5sig_pool(); | ||
985 | } else if (tp->md5sig_info->entries4 != i) { | 989 | } else if (tp->md5sig_info->entries4 != i) { |
986 | /* Need to do some manipulation */ | 990 | /* Need to do some manipulation */ |
987 | memmove(&tp->md5sig_info->keys4[i], | 991 | memmove(&tp->md5sig_info->keys4[i], |
@@ -989,7 +993,6 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr) | |||
989 | (tp->md5sig_info->entries4 - i) * | 993 | (tp->md5sig_info->entries4 - i) * |
990 | sizeof(struct tcp4_md5sig_key)); | 994 | sizeof(struct tcp4_md5sig_key)); |
991 | } | 995 | } |
992 | tcp_free_md5sig_pool(); | ||
993 | return 0; | 996 | return 0; |
994 | } | 997 | } |
995 | } | 998 | } |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 79cc6469508d..7b8fc5794352 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
@@ -591,7 +591,8 @@ static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer, | |||
591 | } | 591 | } |
592 | sk_nocaps_add(sk, NETIF_F_GSO_MASK); | 592 | sk_nocaps_add(sk, NETIF_F_GSO_MASK); |
593 | } | 593 | } |
594 | if (tcp_alloc_md5sig_pool(sk) == NULL) { | 594 | if (tp->md5sig_info->entries6 == 0 && |
595 | tcp_alloc_md5sig_pool(sk) == NULL) { | ||
595 | kfree(newkey); | 596 | kfree(newkey); |
596 | return -ENOMEM; | 597 | return -ENOMEM; |
597 | } | 598 | } |
@@ -600,8 +601,9 @@ static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer, | |||
600 | (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC); | 601 | (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC); |
601 | 602 | ||
602 | if (!keys) { | 603 | if (!keys) { |
603 | tcp_free_md5sig_pool(); | ||
604 | kfree(newkey); | 604 | kfree(newkey); |
605 | if (tp->md5sig_info->entries6 == 0) | ||
606 | tcp_free_md5sig_pool(); | ||
605 | return -ENOMEM; | 607 | return -ENOMEM; |
606 | } | 608 | } |
607 | 609 | ||
@@ -647,6 +649,7 @@ static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer) | |||
647 | kfree(tp->md5sig_info->keys6); | 649 | kfree(tp->md5sig_info->keys6); |
648 | tp->md5sig_info->keys6 = NULL; | 650 | tp->md5sig_info->keys6 = NULL; |
649 | tp->md5sig_info->alloced6 = 0; | 651 | tp->md5sig_info->alloced6 = 0; |
652 | tcp_free_md5sig_pool(); | ||
650 | } else { | 653 | } else { |
651 | /* shrink the database */ | 654 | /* shrink the database */ |
652 | if (tp->md5sig_info->entries6 != i) | 655 | if (tp->md5sig_info->entries6 != i) |
@@ -655,7 +658,6 @@ static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer) | |||
655 | (tp->md5sig_info->entries6 - i) | 658 | (tp->md5sig_info->entries6 - i) |
656 | * sizeof (tp->md5sig_info->keys6[0])); | 659 | * sizeof (tp->md5sig_info->keys6[0])); |
657 | } | 660 | } |
658 | tcp_free_md5sig_pool(); | ||
659 | return 0; | 661 | return 0; |
660 | } | 662 | } |
661 | } | 663 | } |