John Fastabend wrote:
> Resolve a series of splats discovered by syzbot and noted by
> Eric Dumazet. The primary problem here is we resolved an issue on
> the BPF sockmap side by adding an unhash callback. This is
> required to ensure sockmap sockets do not transition out of
> ESTABLISHED state into a LISTEN state. When we did this it
> created a case where the interaction between callbacks in TLS
> and sockmap when used together could break. This resulted in
> leaking TLS memory and potential to build loops of callbacks
> where sockmap called into TLS and TLS called back into BPF.
>
> Additionally, TLS was releasing the sock lock and then
> reacquiring it during the tear down process which could hang
> if another sock operation happened while the lock was not
> held.
>
> To fix this first refactor TLS code so lock is held for the
> entire teardown operation. Then add an unhash callback to ensure
> TLS can not transition from ESTABLISHED to LISTEN state. This
> transition is a similar bug to the one found and fixed previously
> in sockmap. And cleans up the callbacks to fix the syzbot
> errors.
>
> ---
>

Jakub,

If you could test this for the offload case that would be helpful. I don't have any hardware here. We will still need a few fixes in the unhash/hardware case but would be good to know we don't cause any regressions here.

Thanks,
John