On 08/17/2017 08:22 AM, Daniel Borkmann wrote:
> In smap_do_verdict(), the fall-through branch leads to call
> preempt_enable() twice for the SK_REDIRECT, which creates an
> imbalance. Only enable it for all remaining cases again.
>
> Fixes: 174a79ff9515 ("bpf: sockmap with sk redirect support")
> Reported-by: Alexei Starovoitov <a...@kernel.org>
> Signed-off-by: Daniel Borkmann <dan...@iogearbox.net>
> ---
> kernel/bpf/sockmap.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/bpf/sockmap.c b/kernel/bpf/sockmap.c
> index f7e5e6c..39de541 100644
> --- a/kernel/bpf/sockmap.c
> +++ b/kernel/bpf/sockmap.c
> @@ -135,7 +135,8 @@ static void smap_do_verdict(struct smap_psock *psock,
> struct sk_buff *skb)
> /* Fall through and free skb otherwise */
> case SK_DROP:
> default:
> - preempt_enable();
> + if (rc != SK_REDIRECT)
> + preempt_enable();
> kfree_skb(skb);
> }
> }
>
Yep looks good, nice catch Alexei. Thanks! I'll add a selftests entry
in test_maps to catch this fall through case. Looks like we don't hit
this case during selftests at the moment.
Acked-by: John Fastabend <john.fastab...@gmail.com>
