[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220426081750.970138852@linuxfoundation.org>
Date: Tue, 26 Apr 2022 10:20:27 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org, Tony Lu <tonylu@...ux.alibaba.com>,
Karsten Graul <kgraul@...ux.ibm.com>,
"David S. Miller" <davem@...emloft.net>,
Sasha Levin <sashal@...nel.org>,
syzbot+6e29a053eb165bd50de5@...kaller.appspotmail.com
Subject: [PATCH 5.17 032/146] net/smc: Fix sock leak when release after smc_shutdown()
From: Tony Lu <tonylu@...ux.alibaba.com>
[ Upstream commit 1a74e99323746353bba11562a2f2d0aa8102f402 ]
Since commit e5d5aadcf3cd ("net/smc: fix sk_refcnt underflow on linkdown
and fallback"), for a fallback connection, __smc_release() does not call
sock_put() if its state is already SMC_CLOSED.
When calling smc_shutdown() after falling back, its state is set to
SMC_CLOSED but does not call sock_put(), so this patch calls it.
Reported-and-tested-by: syzbot+6e29a053eb165bd50de5@...kaller.appspotmail.com
Fixes: e5d5aadcf3cd ("net/smc: fix sk_refcnt underflow on linkdown and fallback")
Signed-off-by: Tony Lu <tonylu@...ux.alibaba.com>
Acked-by: Karsten Graul <kgraul@...ux.ibm.com>
Signed-off-by: David S. Miller <davem@...emloft.net>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
net/smc/af_smc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/smc/af_smc.c b/net/smc/af_smc.c
index 303c5e56e4df..68cd110722a4 100644
--- a/net/smc/af_smc.c
+++ b/net/smc/af_smc.c
@@ -2538,8 +2538,10 @@ static int smc_shutdown(struct socket *sock, int how)
if (smc->use_fallback) {
rc = kernel_sock_shutdown(smc->clcsock, how);
sk->sk_shutdown = smc->clcsock->sk->sk_shutdown;
- if (sk->sk_shutdown == SHUTDOWN_MASK)
+ if (sk->sk_shutdown == SHUTDOWN_MASK) {
sk->sk_state = SMC_CLOSED;
+ sock_put(sk);
+ }
goto out;
}
switch (how) {
--
2.35.1
Powered by blists - more mailing lists