This series fixes a missing wakeup when inet_csk_listen_stop() migrates an established child socket from a closing listener to another socket in the same SO_REUSEPORT group after the child has already been queued for accept.
The target listener receives the migrated accept-queue entry via inet_csk_reqsk_queue_add(), but its waiters are not notified. Nonblocking accept() still succeeds because it checks the accept queue directly, but readiness-based waiters can remain asleep until another connection generates a wakeup. Patch 1 notifies the target listener after a successful migration in inet_csk_listen_stop() and protects the post-queue_add() nsk accesses with rcu_read_lock()/rcu_read_unlock(). Patch 2 extends the existing migrate_reuseport BPF selftest with an epoll readiness check for the TCP_ESTABLISHED migration case. Testing: - On a patched kernel booted under QEMU, the full migrate_reuseport selftest passes with SELFTEST_RC=0. --- v2: - wrap the post-queue_add() nsk dereferences with rcu_read_lock()/ rcu_read_unlock() to prevent a potential UAF (Eric Dumazet) - extend tools/testing/selftests/bpf/prog_tests/migrate_reuseport.c instead of adding standalone net selftests (Kuniyuki Iwashima) - limit the epoll readiness check to TCP_ESTABLISHED cases v1: https://lore.kernel.org/netdev/[email protected]/ Zhenzhong Wu (2): tcp: call sk_data_ready() after listener migration selftests/bpf: check epoll readiness after reuseport migration net/ipv4/inet_connection_sock.c | 3 ++ .../bpf/prog_tests/migrate_reuseport.c | 32 ++++++++++++++++++- 2 files changed, 34 insertions(+), 1 deletion(-) base-commit: 52bcb57a4e8a0865a76c587c2451906342ae1b2d -- 2.43.0
