linux/net/core
Eric Dumazet 3d861f6610 net: fix secpath kmemleak
Mike Kazantsev found 3.5 kernels and beyond were leaking memory,
and tracked the faulty commit to a1c7fff7e1 ("net:
netdev_alloc_skb() use build_skb()")

While this commit seems fine, it uncovered a bug introduced
in commit bad43ca832 ("net: introduce skb_try_coalesce()), in function
kfree_skb_partial()"):

If head is stolen, we free the sk_buff,
without removing references on secpath (skb->sp).

So IPsec + IP defrag/reassembly (using skb coalescing), or
TCP coalescing could leak secpath objects.

Fix this bug by calling skb_release_head_state(skb) to properly
release all possible references to linked objects.

Reported-by: Mike Kazantsev <mk.fraggod@gmail.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Bisected-by: Mike Kazantsev <mk.fraggod@gmail.com>
Tested-by: Mike Kazantsev <mk.fraggod@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-10-22 15:16:07 -04:00
..
datagram.c net: skb_free_datagram_locked() doesnt drop all packets 2012-06-27 15:40:57 -07:00
dev_addr_lists.c netdev: make address const in device address management 2012-09-19 16:35:22 -04:00
dev.c vlan: don't deliver frames for unknown vlans to protocols 2012-10-08 15:21:55 -04:00
drop_monitor.c drop_monitor: dont sleep in atomic context 2012-06-04 11:42:01 -04:00
dst.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
ethtool.c net: provide a default dev->ethtool_ops 2012-09-19 15:40:15 -04:00
fib_rules.c netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
filter.c filter: add XOR instruction for use with X/K 2012-09-24 16:49:21 -04:00
flow_dissector.c ipv6: add ipv6_addr_hash() helper 2012-07-18 11:28:46 -07:00
flow.c
gen_estimator.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
gen_stats.c gen_stats: Stop using NLA_PUT*(). 2012-04-02 04:33:44 -04:00
iovec.c net: get rid of some pointless casts to sockaddr 2012-03-11 19:11:22 -07:00
link_watch.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
Makefile
neighbour.c net: Fix skb_under_panic oops in neigh_resolve_output 2012-10-07 14:42:39 -04:00
net_namespace.c net: Statically initialize init_net.dev_base_head 2012-07-18 13:32:27 -07:00
net-sysfs.c net: add unknown state to sysfs NIC duplex export 2012-09-05 17:40:07 -04:00
net-sysfs.h
net-traces.c
netevent.c
netpoll.c netpoll: call ->ndo_select_queue() in tx path 2012-09-19 17:19:09 -04:00
netprio_cgroup.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
pktgen.c pktgen: replace scan_ip6() with in6_pton() 2012-10-10 22:33:30 -04:00
request_sock.c tcp: TCP Fast Open Server - support TFO listeners 2012-08-31 20:02:19 -04:00
rtnetlink.c netlink: add attributes to fdb interface 2012-10-01 18:39:44 -04:00
scm.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
secure_seq.c netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
skbuff.c net: fix secpath kmemleak 2012-10-22 15:16:07 -04:00
sock_diag.c netlink: hide struct module parameter in netlink_kernel_create 2012-09-08 18:46:30 -04:00
sock.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
stream.c
sysctl_net_core.c net: Delete all remaining instances of ctl_path 2012-04-20 21:22:30 -04:00
timestamping.c
user_dma.c
utils.c net: add doc for in4_pton() 2012-10-12 13:56:52 -04:00