On Tue, Jun 29, 2021 at 08:20 AM CEST, Cong Wang wrote:
[...]
> @@ -854,7 +854,8 @@ static int sk_psock_skb_redirect(struct sk_psock *from, struct sk_buff *skb)
> return -EIO;
> }
> spin_lock_bh(&psock_other->ingress_lock);
> - if (!sk_psock_test_state(psock_other, SK_PSOCK_TX_ENABLED)) {
> + if (!sk_psock_test_state(psock_other, SK_PSOCK_TX_ENABLED) ||
> + atomic_read(&sk_other->sk_rmem_alloc) > sk_other->sk_rcvbuf) {
> spin_unlock_bh(&psock_other->ingress_lock);
> skb_bpf_redirect_clear(skb);
> sock_drop(from->sk, skb);
> @@ -930,7 +931,8 @@ static int sk_psock_verdict_apply(struct sk_psock *psock, struct sk_buff *skb,
> }
> if (err < 0) {
> spin_lock_bh(&psock->ingress_lock);
> - if (sk_psock_test_state(psock, SK_PSOCK_TX_ENABLED)) {
> + if (sk_psock_test_state(psock, SK_PSOCK_TX_ENABLED) &&
> + atomic_read(&sk_other->sk_rmem_alloc) <= sk_other->sk_rcvbuf) {
> skb_queue_tail(&psock->ingress_skb, skb);
> schedule_work(&psock->work);
> err = 0;
I belive access to sk_rcvbuf should be annotated with READ_ONCE (for
KCSAN's sake) as we don't lock the egress socket. See 8265792bf887 [1]
("net: silence KCSAN warnings around sk_add_backlog() calls") for
guidance.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8265792bf8871acc2d00fd03883d830e2249d395
