diff options
author | Jeremy Kerr <jk@codeconstruct.com.au> | 2023-01-24 03:01:03 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2023-01-25 14:07:37 +0100 |
commit | de8a6b15d9654c3e4f672d76da9d9df8ee06331d (patch) | |
tree | abcadce54cd7abc941e2d25e56c8524956c2187b /net/mctp | |
parent | Merge branch 'ravb-fixes' (diff) | |
download | linux-de8a6b15d9654c3e4f672d76da9d9df8ee06331d.tar.xz linux-de8a6b15d9654c3e4f672d76da9d9df8ee06331d.zip |
net: mctp: add an explicit reference from a mctp_sk_key to sock
Currently, we correlate the mctp_sk_key lifetime to the sock lifetime
through the sock hash/unhash operations, but this is pretty tenuous, and
there are cases where we may have a temporary reference to an unhashed
sk.
This change makes the reference more explicit, by adding a hold on the
sock when it's associated with a mctp_sk_key, released on final key
unref.
Fixes: 73c618456dc5 ("mctp: locking, lifetime and validity changes for sk_keys")
Signed-off-by: Jeremy Kerr <jk@codeconstruct.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/mctp')
-rw-r--r-- | net/mctp/route.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/net/mctp/route.c b/net/mctp/route.c index f9a80b82dc51..ce10ba7ae839 100644 --- a/net/mctp/route.c +++ b/net/mctp/route.c @@ -147,6 +147,7 @@ static struct mctp_sk_key *mctp_key_alloc(struct mctp_sock *msk, key->valid = true; spin_lock_init(&key->lock); refcount_set(&key->refs, 1); + sock_hold(key->sk); return key; } @@ -165,6 +166,7 @@ void mctp_key_unref(struct mctp_sk_key *key) mctp_dev_release_key(key->dev, key); spin_unlock_irqrestore(&key->lock, flags); + sock_put(key->sk); kfree(key); } @@ -419,14 +421,14 @@ static int mctp_route_input(struct mctp_route *route, struct sk_buff *skb) * this function. */ rc = mctp_key_add(key, msk); - if (rc) { - kfree(key); - } else { + if (!rc) trace_mctp_key_acquire(key); - /* we don't need to release key->lock on exit */ - mctp_key_unref(key); - } + /* we don't need to release key->lock on exit, so + * clean up here and suppress the unlock via + * setting to NULL + */ + mctp_key_unref(key); key = NULL; } else { |