diff options
| author | Florian Westphal <fw@strlen.de> | 2019-11-21 06:56:23 +0100 | 
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-11-22 09:28:46 -0800 | 
| commit | 677bf08cfdf9ee411c2084157f15d85edb09a81a (patch) | |
| tree | 291eb5fab8488e13ce843160bdc5a0fd7a5c936b /include/linux/skbuff.h | |
| parent | ff08ddba3a55caadd0ae531975b06b407d008ae7 (diff) | |
udp: drop skb extensions before marking skb stateless
Once udp stack has set the UDP_SKB_IS_STATELESS flag, later skb free
assumes all skb head state has been dropped already.
This will leak the extension memory in case the skb has extensions other
than the ipsec secpath, e.g. bridge nf data.
To fix this, set the UDP_SKB_IS_STATELESS flag only if we don't have
extensions or if the extension space can be free'd.
Fixes: 895b5c9f206eb7d25dc1360a ("netfilter: drop bridge nf reset from nf_reset")
Cc: Paolo Abeni <pabeni@redhat.com>
Reported-by: Byron Stanoszek <gandalf@winds.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/skbuff.h')
| -rw-r--r-- | include/linux/skbuff.h | 6 | 
1 files changed, 6 insertions, 0 deletions
| diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 64a395c7f689..8688f7adfda7 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -4169,12 +4169,18 @@ static inline void skb_ext_reset(struct sk_buff *skb)  		skb->active_extensions = 0;  	}  } + +static inline bool skb_has_extensions(struct sk_buff *skb) +{ +	return unlikely(skb->active_extensions); +}  #else  static inline void skb_ext_put(struct sk_buff *skb) {}  static inline void skb_ext_reset(struct sk_buff *skb) {}  static inline void skb_ext_del(struct sk_buff *skb, int unused) {}  static inline void __skb_ext_copy(struct sk_buff *d, const struct sk_buff *s) {}  static inline void skb_ext_copy(struct sk_buff *dst, const struct sk_buff *s) {} +static inline bool skb_has_extensions(struct sk_buff *skb) { return false; }  #endif /* CONFIG_SKB_EXTENSIONS */  static inline void nf_reset_ct(struct sk_buff *skb) | 
