tcp: initialise newsk->sk_pagepool for passive sockets
tcp_init_sock() is not called for children (at accept() time)
Only for freshly allocated sockets, inet[6]_create() call tcp_init_sock() via
if (sk->sk_prot->init) {
err = sk->sk_prot->init(sk);
if (err) {
sk_common_release(sk);
goto out;
}
}
But passive connections do not have such a call.
tcp_create_openreq_child() is clearing/resetting
all fields that must be cleared/reset
after the cloning from parent (listener) happened.
It is not clear why at accept() time we find the listener sk_pagepool
locked because this stuff matters only for established flows.
We must not assume user space would not do strange things.
Therefore the fix will be either in inet_csk_clone_lock()
if we want to extend sk_pagepool to other protocols,
or tcp_create_openreq_child() since only TCP calls xa_destroy() so far.
cos-patch: bug
Fixes: 987df26c30c6 ("tcp: implement RX path for devmem sockets")
Change-Id: I3cc3770af224f790154ee56094ddfc4f7797428b
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/64590
Reviewed-by: Mina Almasry <almasrymina@google.com>
Tested-by: Mina Almasry <almasrymina@google.com>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/66492
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Oleksandr Tymoshenko <ovt@google.com>
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
index 42844d2..33081ed 100644
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -567,6 +567,8 @@ struct sock *tcp_create_openreq_child(const struct sock *sk,
__TCP_INC_STATS(sock_net(sk), TCP_MIB_PASSIVEOPENS);
+ xa_init_flags(&newsk->sk_pagepool, XA_FLAGS_ALLOC1);
+
return newsk;
}
EXPORT_SYMBOL(tcp_create_openreq_child);
