Hi,
On Mon, Aug 22, 2022 at 07:38:14PM -0700, Harsh Modi wrote:
> It is possible that there is already a dst allocated.
This is bridge path, do you know what might have already set up the
dst to the skbuff? Is this a theoretical issue or you are observing a
dst leak there?
> If it is not released, it will be leaked. This is similar to what is
> done in bpf_set_tunnel_key().
>
> Signed-off-by: Harsh Modi <harshmodi@xxxxxxxxxx>
> ---
> net/bridge/br_netfilter_hooks.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c
> index ff4779036649..f20f4373ff40 100644
> --- a/net/bridge/br_netfilter_hooks.c
> +++ b/net/bridge/br_netfilter_hooks.c
> @@ -384,6 +384,7 @@ static int br_nf_pre_routing_finish(struct net *net, struct sock *sk, struct sk_
> /* - Bridged-and-DNAT'ed traffic doesn't
> * require ip_forwarding. */
> if (rt->dst.dev == dev) {
> + skb_dst_drop(skb);
> skb_dst_set(skb, &rt->dst);
> goto bridged_dnat;
> }
> @@ -413,6 +414,7 @@ static int br_nf_pre_routing_finish(struct net *net, struct sock *sk, struct sk_
> kfree_skb(skb);
> return 0;
> }
> + skb_dst_drop(skb);
> skb_dst_set_noref(skb, &rt->dst);
> }
>
> --
> 2.37.1.595.g718a3a8f04-goog
>
