| From foo@baz Fri Dec 11 11:38:06 EST 2015 |
| From: Hannes Frederic Sowa <hannes@stressinduktion.org> |
| Date: Tue, 17 Nov 2015 15:10:59 +0100 |
| Subject: af_unix: take receive queue lock while appending new skb |
| |
| From: Hannes Frederic Sowa <hannes@stressinduktion.org> |
| |
| [ Upstream commit a3a116e04cc6a94d595ead4e956ab1bc1d2f4746 ] |
| |
| While possibly in future we don't necessarily need to use |
| sk_buff_head.lock this is a rather larger change, as it affects the |
| af_unix fd garbage collector, diag and socket cleanups. This is too much |
| for a stable patch. |
| |
| For the time being grab sk_buff_head.lock without disabling bh and irqs, |
| so don't use locked skb_queue_tail. |
| |
| Fixes: 869e7c62486e ("net: af_unix: implement stream sendpage support") |
| Cc: Eric Dumazet <edumazet@google.com> |
| Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> |
| Reported-by: Eric Dumazet <edumazet@google.com> |
| Acked-by: Eric Dumazet <edumazet@google.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/unix/af_unix.c | 5 ++++- |
| 1 file changed, 4 insertions(+), 1 deletion(-) |
| |
| --- a/net/unix/af_unix.c |
| +++ b/net/unix/af_unix.c |
| @@ -1812,8 +1812,11 @@ alloc_skb: |
| skb->truesize += size; |
| atomic_add(size, &sk->sk_wmem_alloc); |
| |
| - if (newskb) |
| + if (newskb) { |
| + spin_lock(&other->sk_receive_queue.lock); |
| __skb_queue_tail(&other->sk_receive_queue, newskb); |
| + spin_unlock(&other->sk_receive_queue.lock); |
| + } |
| |
| unix_state_unlock(other); |
| mutex_unlock(&unix_sk(other)->readlock); |
