On Fri, May 16, 2025 at 8:56 AM Jeremy Harris <jgh@xxxxxxxx> wrote:
>
> Set the request_sock flag for fastopen earlier, making it available
> to the af_ops SYN-handler function.
>
> In that function copy data from the listen socket write queue into an
> sk_buff, allocating if needed and adding to the write queue of the
> newly-created child socket.
> Set sequence number values depending on the fastopen status.

I do not see any locking.

I think you should run a local KASAN/syzbot instance and you will be shocked.

Honestly we need to be convinced of why adding code in sendmsg() fast path is worth this.