| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20241005092812.2152-1-hdanton@sina.com>
Date: Sat, 5 Oct 2024 17:28:12 +0800
From: Hillf Danton <hdanton@...a.com>
To: syzbot <syzbot+e953a8f3071f5c0a28fd@...kaller.appspotmail.com>
Cc: linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [net?] possible deadlock in gtp_encap_enable_socket
On Mon, 23 Sep 2024 08:46:24 -0700
> syzbot found the following issue on:
>
> HEAD commit: 9410645520e9 Merge tag 'net-next-6.12' of git://git.kernel..
> git tree: net-next
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=110c6c27980000
#syz test
--- x/net/smc/af_smc.c
+++ y/net/smc/af_smc.c
@@ -3053,9 +3053,7 @@ int smc_setsockopt(struct socket *sock,
/* generic setsockopts reaching us here always apply to the
* CLC socket
*/
- mutex_lock(&smc->clcsock_release_lock);
if (!smc->clcsock) {
- mutex_unlock(&smc->clcsock_release_lock);
return -EBADF;
}
if (unlikely(!smc->clcsock->ops->setsockopt))
@@ -3067,7 +3065,6 @@ int smc_setsockopt(struct socket *sock,
sk->sk_err = smc->clcsock->sk->sk_err;
sk_error_report(sk);
}
- mutex_unlock(&smc->clcsock_release_lock);
if (optlen < sizeof(int))
return -EINVAL;
@@ -3133,19 +3130,15 @@ int smc_getsockopt(struct socket *sock,
return __smc_getsockopt(sock, level, optname, optval, optlen);
smc = smc_sk(sock->sk);
- mutex_lock(&smc->clcsock_release_lock);
if (!smc->clcsock) {
- mutex_unlock(&smc->clcsock_release_lock);
return -EBADF;
}
/* socket options apply to the CLC socket */
if (unlikely(!smc->clcsock->ops->getsockopt)) {
- mutex_unlock(&smc->clcsock_release_lock);
return -EOPNOTSUPP;
}
rc = smc->clcsock->ops->getsockopt(smc->clcsock, level, optname,
optval, optlen);
- mutex_unlock(&smc->clcsock_release_lock);
return rc;
}
--
Powered by blists - more mailing lists