summaryrefslogtreecommitdiffstats
path: root/net/ipv4/inet_connection_sock.c
diff options
context:
space:
mode:
authorEric Dumazet <edumazet@google.com>2017-10-09 06:44:51 +0200
committerDavid S. Miller <davem@davemloft.net>2017-10-10 05:55:01 +0200
commit9f1c2674b328a69ab5a9b5a1c52405795ee4163f (patch)
treebef7fc6c61201ca2b6d913bab2686a38fda039d2 /net/ipv4/inet_connection_sock.c
parentMerge branch 'ppc-bundle' (bundle from Michael Ellerman) (diff)
downloadlinux-9f1c2674b328a69ab5a9b5a1c52405795ee4163f.tar.xz
linux-9f1c2674b328a69ab5a9b5a1c52405795ee4163f.zip
net: memcontrol: defer call to mem_cgroup_sk_alloc()
Instead of calling mem_cgroup_sk_alloc() from BH context, it is better to call it from inet_csk_accept() in process context. Not only this removes code in mem_cgroup_sk_alloc(), but it also fixes a bug since listener might have been dismantled and css_get() might cause a use-after-free. Fixes: e994b2f0fb92 ("tcp: do not lock listener to process SYN packets") Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: Tejun Heo <tj@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/inet_connection_sock.c')
-rw-r--r--net/ipv4/inet_connection_sock.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index c039c937ba90..67aec7a10686 100644
--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -475,6 +475,7 @@ struct sock *inet_csk_accept(struct sock *sk, int flags, int *err, bool kern)
}
spin_unlock_bh(&queue->fastopenq.lock);
}
+ mem_cgroup_sk_alloc(newsk);
out:
release_sock(sk);
if (req)