linux/include/net
David S. Miller ec0a196626 tcp: Revert 'process defer accept as established' changes.
This reverts two changesets, ec3c0982a2
("[TCP]: TCP_DEFER_ACCEPT updates - process as established") and
the follow-on bug fix 9ae27e0adb
("tcp: Fix slab corruption with ipv6 and tcp6fuzz").

This change causes several problems, first reported by Ingo Molnar
as a distcc-over-loopback regression where connections were getting
stuck.

Ilpo Järvinen first spotted the locking problems.  The new function
added by this code, tcp_defer_accept_check(), only has the
child socket locked, yet it is modifying state of the parent
listening socket.

Fixing that is non-trivial at best, because we can't simply just grab
the parent listening socket lock at this point, because it would
create an ABBA deadlock.  The normal ordering is parent listening
socket --> child socket, but this code path would require the
reverse lock ordering.

Next is a problem noticed by Vitaliy Gusev, he noted:

----------------------------------------
>--- a/net/ipv4/tcp_timer.c
>+++ b/net/ipv4/tcp_timer.c
>@@ -481,6 +481,11 @@ static void tcp_keepalive_timer (unsigned long data)
> 		goto death;
> 	}
>
>+	if (tp->defer_tcp_accept.request && sk->sk_state == TCP_ESTABLISHED) {
>+		tcp_send_active_reset(sk, GFP_ATOMIC);
>+		goto death;

Here socket sk is not attached to listening socket's request queue. tcp_done()
will not call inet_csk_destroy_sock() (and tcp_v4_destroy_sock() which should
release this sk) as socket is not DEAD. Therefore socket sk will be lost for
freeing.
----------------------------------------

Finally, Alexey Kuznetsov argues that there might not even be any
real value or advantage to these new semantics even if we fix all
of the bugs:

----------------------------------------
Hiding from accept() sockets with only out-of-order data only
is the only thing which is impossible with old approach. Is this really
so valuable? My opinion: no, this is nothing but a new loophole
to consume memory without control.
----------------------------------------

So revert this thing for now.

Signed-off-by: David S. Miller <davem@davemloft.net>
2008-06-12 16:34:35 -07:00
..
9p 9p: fix error path during early mount 2008-05-14 19:23:27 -05:00
bluetooth bluetooth: Make hci_sock_cleanup() return void 2008-03-05 18:47:03 -08:00
irda irda: Fix a misalign access issue. (v2) 2008-05-13 23:25:57 -07:00
iucv [AF_IUCV]: postpone receival of iucv-packets 2007-10-10 16:54:51 -07:00
netfilter netfilter: nf_conntrack: padding breaks conntrack hash on ARM 2008-04-29 03:35:10 -07:00
netns [NETNS]: The generic per-net pointers. 2008-04-15 00:36:08 -07:00
sctp sctp: Fix ECN markings for IPv6 2008-06-04 12:40:15 -07:00
tc_act [PKT_SCHED]: Add stateless NAT 2007-10-10 16:53:11 -07:00
tipc [TIPC]: Overhaul of socket locking logic 2008-04-15 00:22:02 -07:00
act_api.h [NET_SCHED]: act_api: use PTR_ERR in tcf_action_init/tcf_action_get 2008-01-28 15:11:17 -08:00
addrconf.h [IPV6] ADDRCONF: Allow longer lifetime on 64bit archs. 2008-06-05 04:02:34 +09:00
af_rxrpc.h
af_unix.h [AF_UNIX]: Remove unused declaration of sysctl_unix_max_dgram_qlen. 2008-01-28 14:57:13 -08:00
ah.h [IPSEC]: Get rid of ipv6_{auth,esp,comp}_hdr 2007-10-10 16:55:55 -07:00
arp.h [NETFILTER]: ebtables: remove casts, use consts 2008-01-31 19:27:33 -08:00
atmclip.h
ax25.h [AX25] ax25_ds_timer: use mod_timer instead of add_timer 2008-02-12 17:53:34 -08:00
ax88796.h ax88796: add 93cx6 eeprom support 2007-10-10 16:53:56 -07:00
cfg80211.h nl80211/cfg80211: support for mesh, sta dumping 2008-03-06 15:30:41 -05:00
checksum.h [NET]: Move netfilter checksum helpers to net/core/utils.c 2008-01-28 14:55:14 -08:00
cipso_ipv4.h
compat.h net: Add compat support for getsockopt (MCAST_MSFILTER) 2008-04-29 03:23:22 -07:00
datalink.h
dn.h [DECNET]: Another unnecessary net/tcp.h inclusion in net/dn.h 2007-07-10 23:02:12 -07:00
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h
dn_route.h [NET]: Wrap netdevice hardware header creation. 2007-10-10 16:52:50 -07:00
dsfield.h [NET]: Constify include/net/dsfield.h 2008-01-28 14:55:58 -08:00
dst.h [NET]: uninline dst_release 2008-03-27 17:53:31 -07:00
esp.h [IPSEC]: Use crypto_aead and authenc in ESP 2008-01-31 19:27:02 -08:00
fib_rules.h [NETNS]: Add netns refcnt debug to fib rules. 2008-04-16 02:01:56 -07:00
flow.h [IPV4]: Remove unused multipath cached routing defintion in net/flow.h 2008-01-28 15:00:20 -08:00
gen_stats.h [NET_SCHED]: Convert packet schedulers from rtnetlink to new netlink API 2008-01-28 15:11:10 -08:00
genetlink.h netlink: Improve returned error codes 2008-06-03 16:36:54 -07:00
icmp.h [NETNS][ICMP]: Move ICMP sysctls on struct net. 2008-03-26 01:55:37 -07:00
ieee80211.h include/net/ieee80211.h - remove duplicate include 2008-03-13 19:32:31 -04:00
ieee80211_crypt.h
ieee80211_radiotap.h [MAC80211]: Add get_unaligned to ieee80211_get_radiotap_len 2007-10-10 16:47:40 -07:00
if_inet6.h [IPV6]: Reorg struct ifmcaddr6 to save some bytes 2008-02-03 04:28:54 -08:00
inet6_connection_sock.h
inet6_hashtables.h [SOCK] proto: Add hashinfo member to struct proto 2008-02-03 04:28:52 -08:00
inet_common.h [NETNS]: Inet control socket should not hold a namespace. 2008-04-03 14:28:30 -07:00
inet_connection_sock.h [INET]: Rename inet_csk_ctl_sock_create to inet_ctl_sock_create. 2008-04-03 14:22:32 -07:00
inet_ecn.h [IPV6]: Use appropriate sock tclass setting for routing lookup. 2008-04-13 23:40:51 -07:00
inet_frag.h [NET]: Rename inet_frag.h identifiers COMPLETE, FIRST_IN, LAST_IN to INET_FRAG_* 2008-03-28 16:35:27 -07:00
inet_hashtables.h [INET]: Uninline the __inet_inherit_port call. 2008-04-17 23:18:15 -07:00
inet_sock.h inet{6}_request_sock: Init ->opt and ->pktopts in the constructor 2008-06-10 12:39:35 -07:00
inet_timewait_sock.h [NETNS]: Compilation warnings under CONFIG_NET_NS. 2008-03-26 00:48:17 -07:00
inetpeer.h [INET]: Use list_head-s in inetpeer.c 2007-11-12 21:27:28 -08:00
ip.h ip: Make use of the inline function dst_metric_locked() 2008-05-04 22:12:43 -07:00
ip6_checksum.h
ip6_fib.h [NETNS][IPV6] rt6_info - move rt6_info structure inside the namespace 2008-03-04 13:48:30 -08:00
ip6_route.h [IPV6]: Make address arguments const. 2008-04-12 13:43:18 +09:00
ip6_tunnel.h [IP_TUNNEL]: Don't limit the number of tunnels with generic name explicitly. 2008-02-23 20:19:20 -08:00
ip_fib.h [IPV4]: Fix compile error building without CONFIG_FS_PROC 2008-02-05 02:54:16 -08:00
ip_vs.h ipvs: fix oops in backup for fwmark conn templates 2008-04-29 03:21:23 -07:00
ipcomp.h [IPSEC]: Get rid of ipv6_{auth,esp,comp}_hdr 2007-10-10 16:55:55 -07:00
ipconfig.h
ipip.h [IPV6] SIT: Add SIOCGETPRL ioctl to get/dump PRL. 2008-04-03 10:06:00 +09:00
ipv6.h IPv6 support for NFS server export caches 2008-04-23 16:13:36 -04:00
ipx.h
iw_handler.h [NL80211]: add netlink interface to cfg80211 2007-10-10 16:52:14 -07:00
lapb.h
llc.h [LLC]: station source mac address 2008-03-28 16:28:36 -07:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h [NET]: Make socket creation namespace safe. 2007-10-10 16:49:07 -07:00
llc_if.h [LLC]: Kill static inline llc_addrany 2008-02-29 11:46:17 -08:00
llc_pdu.h [LLC]: skb allocation size for responses 2008-03-31 21:02:47 -07:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h [LLC]: skb allocation size for responses 2008-03-31 21:02:47 -07:00
mac80211.h mac80211: Add RTNL version of ieee80211_iterate_active_interfaces 2008-05-16 17:15:09 -04:00
mip6.h [IPV6] MIP6: Use our standard definitions for paddings. 2008-04-12 13:43:22 +09:00
ndisc.h ndisc: Add missing strategies for per-device retrans timer/reachable time settings. 2008-05-19 16:25:42 -07:00
neighbour.h Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-03-27 18:48:56 -07:00
net_namespace.h [NETNS]: Make netns refconting debug like a socket one. 2008-04-16 01:58:04 -07:00
netdma.h
netevent.h [NET]: Remove unnecessary inclusion of dst.h 2008-01-28 14:53:38 -08:00
netlabel.h Audit: collect sessionid in netlink messages 2008-04-28 06:18:03 -04:00
netlink.h netlink: Improve returned error codes 2008-06-03 16:36:54 -07:00
netrom.h
nexthop.h
p8022.h
pkt_cls.h [PKT_SCHED]: Pass real namespace in net scheduler classifiers. 2008-03-27 16:53:37 -07:00
pkt_sched.h [NET_SCHED]: Convert packet schedulers from rtnetlink to new netlink API 2008-01-28 15:11:10 -08:00
protocol.h [NETNS]: Drop packets in the non-initial namespace on the per/protocol basis. 2008-03-24 15:33:00 -07:00
psnap.h
raw.h [RAW]: Add raw_hashinfo member on struct proto. 2008-03-22 16:56:51 -07:00
rawv6.h [IPv6] RAW: Compact the API for the kernel 2008-01-28 14:54:29 -08:00
red.h
request_sock.h tcp: Revert 'process defer accept as established' changes. 2008-06-12 16:34:35 -07:00
rose.h [ROSE]: Fix rose.ko oops on unload 2007-10-07 23:44:17 -07:00
route.h ipv4: Update MTU to all related cache entries in ip_rt_frag_needed() 2008-04-29 03:32:25 -07:00
rtnetlink.h [RTNL]: Introduce the rtnl_kill_links helper. 2008-04-16 00:46:52 -07:00
sch_generic.h [NET_SCHED]: Convert classifiers from rtnetlink to new netlink API 2008-01-28 15:11:11 -08:00
scm.h pid namespaces: changes to show virtual ids to user 2007-10-19 11:53:40 -07:00
slhc_vj.h
snmp.h [XFRM]: Define packet dropping statistics. 2008-01-28 14:59:38 -08:00
sock.h [NETNS]: Add netns refcnt debug for kernel sockets. 2008-04-16 01:59:46 -07:00
syncppp.h syncppp: Fix crashes. 2008-05-12 03:29:11 -07:00
tcp.h tcp: Revert 'process defer accept as established' changes. 2008-06-12 16:34:35 -07:00
tcp_states.h
timewait_sock.h
transp_v6.h [IPV6] NETNS: Handle ancillary data in appropriate namespace. 2008-06-05 04:02:36 +09:00
udp.h [IPV6]: inet_sk(sk)->cork.opt leak 2008-06-05 04:02:38 +09:00
udplite.h [UDP]: Revert udplite and code split. 2008-03-06 16:22:02 -08:00
wext.h [NET]: Make the device list and device lookups per namespace. 2007-10-10 16:49:10 -07:00
wireless.h cfg80211: don't export ieee80211_get_channel 2008-03-27 16:03:20 -04:00
x25.h
x25device.h
xfrm.h xfrm: convert empty xfrm_audit_* macros to functions 2008-05-03 21:03:01 -07:00