aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYan, Zheng <zheng.z.yan@intel.com>2011-09-29 13:10:10 -0400
committerDavid S. Miller <davem@davemloft.net>2011-10-04 23:31:24 -0400
commit260fcbeb1ae9e768a44c9925338fbacb0d7e5ba9 (patch)
tree741dea73d68eca24c8d515bb7091cbedb77192a4
parentcb2d0f3e968bff7c6d262aca3e3ab8d4184e69b2 (diff)
tcp: properly handle md5sig_pool references
tcp_v4_clear_md5_list() assumes that multiple tcp md5sig peers only hold one reference to md5sig_pool. but tcp_v4_md5_do_add() increases use count of md5sig_pool for each peer. This patch makes tcp_v4_md5_do_add() only increases use count for the first tcp md5sig peer. Signed-off-by: Zheng Yan <zheng.z.yan@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/tcp_ipv4.c11
-rw-r--r--net/ipv6/tcp_ipv6.c8
2 files changed, 12 insertions, 7 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index c34f01513945..7963e03f1068 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -927,18 +927,21 @@ int tcp_v4_md5_do_add(struct sock *sk, __be32 addr,
927 } 927 }
928 sk_nocaps_add(sk, NETIF_F_GSO_MASK); 928 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
929 } 929 }
930 if (tcp_alloc_md5sig_pool(sk) == NULL) { 930
931 md5sig = tp->md5sig_info;
932 if (md5sig->entries4 == 0 &&
933 tcp_alloc_md5sig_pool(sk) == NULL) {
931 kfree(newkey); 934 kfree(newkey);
932 return -ENOMEM; 935 return -ENOMEM;
933 } 936 }
934 md5sig = tp->md5sig_info;
935 937
936 if (md5sig->alloced4 == md5sig->entries4) { 938 if (md5sig->alloced4 == md5sig->entries4) {
937 keys = kmalloc((sizeof(*keys) * 939 keys = kmalloc((sizeof(*keys) *
938 (md5sig->entries4 + 1)), GFP_ATOMIC); 940 (md5sig->entries4 + 1)), GFP_ATOMIC);
939 if (!keys) { 941 if (!keys) {
940 kfree(newkey); 942 kfree(newkey);
941 tcp_free_md5sig_pool(); 943 if (md5sig->entries4 == 0)
944 tcp_free_md5sig_pool();
942 return -ENOMEM; 945 return -ENOMEM;
943 } 946 }
944 947
@@ -982,6 +985,7 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
982 kfree(tp->md5sig_info->keys4); 985 kfree(tp->md5sig_info->keys4);
983 tp->md5sig_info->keys4 = NULL; 986 tp->md5sig_info->keys4 = NULL;
984 tp->md5sig_info->alloced4 = 0; 987 tp->md5sig_info->alloced4 = 0;
988 tcp_free_md5sig_pool();
985 } else if (tp->md5sig_info->entries4 != i) { 989 } else if (tp->md5sig_info->entries4 != i) {
986 /* Need to do some manipulation */ 990 /* Need to do some manipulation */
987 memmove(&tp->md5sig_info->keys4[i], 991 memmove(&tp->md5sig_info->keys4[i],
@@ -989,7 +993,6 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
989 (tp->md5sig_info->entries4 - i) * 993 (tp->md5sig_info->entries4 - i) *
990 sizeof(struct tcp4_md5sig_key)); 994 sizeof(struct tcp4_md5sig_key));
991 } 995 }
992 tcp_free_md5sig_pool();
993 return 0; 996 return 0;
994 } 997 }
995 } 998 }
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 79cc6469508d..7b8fc5794352 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -591,7 +591,8 @@ static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer,
591 } 591 }
592 sk_nocaps_add(sk, NETIF_F_GSO_MASK); 592 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
593 } 593 }
594 if (tcp_alloc_md5sig_pool(sk) == NULL) { 594 if (tp->md5sig_info->entries6 == 0 &&
595 tcp_alloc_md5sig_pool(sk) == NULL) {
595 kfree(newkey); 596 kfree(newkey);
596 return -ENOMEM; 597 return -ENOMEM;
597 } 598 }
@@ -600,8 +601,9 @@ static int tcp_v6_md5_do_add(struct sock *sk, const struct in6_addr *peer,
600 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC); 601 (tp->md5sig_info->entries6 + 1)), GFP_ATOMIC);
601 602
602 if (!keys) { 603 if (!keys) {
603 tcp_free_md5sig_pool();
604 kfree(newkey); 604 kfree(newkey);
605 if (tp->md5sig_info->entries6 == 0)
606 tcp_free_md5sig_pool();
605 return -ENOMEM; 607 return -ENOMEM;
606 } 608 }
607 609
@@ -647,6 +649,7 @@ static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer)
647 kfree(tp->md5sig_info->keys6); 649 kfree(tp->md5sig_info->keys6);
648 tp->md5sig_info->keys6 = NULL; 650 tp->md5sig_info->keys6 = NULL;
649 tp->md5sig_info->alloced6 = 0; 651 tp->md5sig_info->alloced6 = 0;
652 tcp_free_md5sig_pool();
650 } else { 653 } else {
651 /* shrink the database */ 654 /* shrink the database */
652 if (tp->md5sig_info->entries6 != i) 655 if (tp->md5sig_info->entries6 != i)
@@ -655,7 +658,6 @@ static int tcp_v6_md5_do_del(struct sock *sk, const struct in6_addr *peer)
655 (tp->md5sig_info->entries6 - i) 658 (tp->md5sig_info->entries6 - i)
656 * sizeof (tp->md5sig_info->keys6[0])); 659 * sizeof (tp->md5sig_info->keys6[0]));
657 } 660 }
658 tcp_free_md5sig_pool();
659 return 0; 661 return 0;
660 } 662 }
661 } 663 }