提交 350f8ab8 编写于 作者: L Lingpeng Chen 提交者: Shile Zhang

bpf/sockmap: Read psock ingress_msg before sk_receive_queue

commit e7a5f1f1cd0008e5ad379270a8657e121eedb669 upstream

Right now in tcp_bpf_recvmsg, sock read data first from sk_receive_queue
if not empty than psock->ingress_msg otherwise. If a FIN packet arrives
and there's also some data in psock->ingress_msg, the data in
psock->ingress_msg will be purged. It is always happen when request to a
HTTP1.0 server like python SimpleHTTPServer since the server send FIN
packet after data is sent out.

Fixes: 604326b41a6fb ("bpf, sockmap: convert to generic sk_msg interface")
Reported-by: NArika Chen <eaglesora@gmail.com>
Suggested-by: NArika Chen <eaglesora@gmail.com>
Signed-off-by: NLingpeng Chen <forrest0579@gmail.com>
Signed-off-by: NJohn Fastabend <john.fastabend@gmail.com>
Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
Acked-by: NSong Liu <songliubraving@fb.com>
Link: https://lore.kernel.org/bpf/20200109014833.18951-1-forrest0579@gmail.com
[tonylu: patched modified to match BIG rework between v4.19 and upstream]
Signed-off-by: NTony Lu <tonylu@linux.alibaba.com>
Acked-by: NDust Li <dust.li@linux.alibaba.com>
Acked-by: NCaspar Zhang <caspar@linux.alibaba.com>
上级 4a5d2b59
...@@ -931,11 +931,6 @@ static int bpf_tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, ...@@ -931,11 +931,6 @@ static int bpf_tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
struct smap_psock *psock; struct smap_psock *psock;
int copied = 0; int copied = 0;
if (unlikely(flags & MSG_ERRQUEUE))
return inet_recv_error(sk, msg, len, addr_len);
if (!skb_queue_empty(&sk->sk_receive_queue))
return tcp_recvmsg(sk, msg, len, nonblock, flags, addr_len);
rcu_read_lock(); rcu_read_lock();
psock = smap_psock_sk(sk); psock = smap_psock_sk(sk);
if (unlikely(!psock)) if (unlikely(!psock))
...@@ -945,6 +940,12 @@ static int bpf_tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, ...@@ -945,6 +940,12 @@ static int bpf_tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
goto out; goto out;
rcu_read_unlock(); rcu_read_unlock();
if (unlikely(flags & MSG_ERRQUEUE))
return inet_recv_error(sk, msg, len, addr_len);
if (!skb_queue_empty(&sk->sk_receive_queue) &&
list_empty(&psock->ingress))
return tcp_recvmsg(sk, msg, len, nonblock, flags, addr_len);
lock_sock(sk); lock_sock(sk);
bytes_ready: bytes_ready:
while (copied != len) { while (copied != len) {
...@@ -1010,7 +1011,7 @@ static int bpf_tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, ...@@ -1010,7 +1011,7 @@ static int bpf_tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
data = bpf_wait_data(sk, psock, flags, timeo, &err); data = bpf_wait_data(sk, psock, flags, timeo, &err);
if (data) { if (data) {
if (!skb_queue_empty(&sk->sk_receive_queue)) { if (list_empty(&psock->ingress)) {
release_sock(sk); release_sock(sk);
smap_release_sock(psock, sk); smap_release_sock(psock, sk);
copied = tcp_recvmsg(sk, msg, len, nonblock, flags, addr_len); copied = tcp_recvmsg(sk, msg, len, nonblock, flags, addr_len);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册