[PATCH] net: drop skbs in napi->rx_list when removing the napi context.

From: Nguyen Dinh Phi
Date: Wed Aug 11 2021 - 20:00:13 EST

Next message: Phillip Potter: "Re: [PATCH 0/3] staging: r8188eu: Clean up some smatch warnings and errors"
Previous message: Stephane Eranian: "Re: [RFC] perf/core: Add an ioctl to get a number of lost samples"
Next in thread: Eric Dumazet: "Re: [PATCH] net: drop skbs in napi->rx_list when removing the napi context."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The napi->rx_list is used to hold the GRO_NORMAL skbs before passing
them to the stack, these skbs only passed to stack at the flush time or
when the list's weight matches the predefined condition. In case the
rx_list contains pending skbs when we remove the napi context, we need
to clean out this list, otherwise, a memory leak will happen.

Signed-off-by: Nguyen Dinh Phi <phind.uet@xxxxxxxxx>
Reported-by: syzbot+989efe781c74de1ddb54@xxxxxxxxxxxxxxxxxxxxxxxxx
---
net/core/dev.c | 7 +++++++
1 file changed, 7 insertions(+)

diff --git a/net/core/dev.c b/net/core/dev.c
index b51e41d0a7fe..319fffc62ce6 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -7038,6 +7038,13 @@ void __netif_napi_del(struct napi_struct *napi)
list_del_rcu(&napi->dev_list);
napi_free_frags(napi);

+ if (napi->rx_count) {
+ struct sk_buff *skb, *n;
+
+ list_for_each_entry_safe(skb, n, &napi->rx_list, list)
+ kfree_skb(skb);
+ }
+
flush_gro_hash(napi);
napi->gro_bitmask = 0;

--
2.25.1

Next message: Phillip Potter: "Re: [PATCH 0/3] staging: r8188eu: Clean up some smatch warnings and errors"
Previous message: Stephane Eranian: "Re: [RFC] perf/core: Add an ioctl to get a number of lost samples"
Next in thread: Eric Dumazet: "Re: [PATCH] net: drop skbs in napi->rx_list when removing the napi context."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]