While rolling out a new BPF based TC classifier I hit a memory leak, which manifests in large numbers of request and time wait sockets not being released. The root cause is that the current BPF helpers dealing with sockets are naive: they assume that sk->sk_flags is always valid. struct request_sock and struct inet_timewait_sock break this. I've fixed this up by adding a helper that checks sk_state in addition to sk_flags. The solution is a bit clumsy: it encapsulates details of struct sock in BPF. It would probably be nicer to have a sock_gen_put + SOCK_RCU_FREE function exposed in sock.h, but that might be too big a change for backports. Thoughts? Lorenz Bauer (1): net: bpf: don't leak time wait and request sockets net/core/filter.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) -- 2.20.1
