Revert "tcp: call sock_orphan() before freeing socket in tcp_nuke_addr" This reverts commit 3d78ff9df45c3028845c5cf6a05c9378e438f77f. Although the standard is to detach sockets from process contexts prior to freeing them, under some conditions doing this in tcp_nuke_addr() will cause a null socket dereference in sk_wait_data(). To avoid this scenario, it may be necessary to purge the sk_receive queue and place additional checks to ensure a socket is orphaned only when it will be freed. Change-Id: I880ea9e2cd259eebbc40a81a32b96b4af8c36f95 Signed-off-by: Osvaldo Banuelos <osvaldob@codeaurora.org>

commit: 66990961f67ebbf74eafc431cba789b1fdbeb1c8 [log] [tgz]
author: Osvaldo Banuelos <osvaldob@codeaurora.org> Mon Dec 16 12:50:02 2013 -0800
committer: Osvaldo Banuelos <osvaldob@codeaurora.org> Mon Dec 16 13:47:20 2013 -0800
tree: a85982cbe84ae7a181030ccbd05bb546ebb4d82f
parent: 904c14d402785cd05c5818fb733e7f33bc5dcd64 [diff]
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 2628937..b2b0e99 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c

@@ -3443,10 +3443,7 @@
 			tcp_done(sk);
 			bh_unlock_sock(sk);
 			local_bh_enable();
-			if (!sock_flag(sk, SOCK_DEAD)) {
-				sock_orphan(sk);
-				sock_put(sk);
-			}
+			sock_put(sk);
 
 			goto restart;
 		}
commit	66990961f67ebbf74eafc431cba789b1fdbeb1c8	[log] [tgz]
author	Osvaldo Banuelos <osvaldob@codeaurora.org>	Mon Dec 16 12:50:02 2013 -0800
committer	Osvaldo Banuelos <osvaldob@codeaurora.org>	Mon Dec 16 13:47:20 2013 -0800
tree	a85982cbe84ae7a181030ccbd05bb546ebb4d82f
parent	904c14d402785cd05c5818fb733e7f33bc5dcd64 [diff]