lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250110083511.30419-5-sgarzare@redhat.com>
Date: Fri, 10 Jan 2025 09:35:10 +0100
From: Stefano Garzarella <sgarzare@...hat.com>
To: netdev@...r.kernel.org
Cc: Xuan Zhuo <xuanzhuo@...ux.alibaba.com>,
	bpf@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Luigi Leonardi <leonardi@...hat.com>,
	"David S. Miller" <davem@...emloft.net>,
	Wongi Lee <qwerty@...ori.io>,
	Stefano Garzarella <sgarzare@...hat.com>,
	Eugenio PĂ©rez <eperezma@...hat.com>,
	"Michael S. Tsirkin" <mst@...hat.com>,
	Eric Dumazet <edumazet@...gle.com>,
	kvm@...r.kernel.org,
	Paolo Abeni <pabeni@...hat.com>,
	Stefan Hajnoczi <stefanha@...hat.com>,
	Jason Wang <jasowang@...hat.com>,
	Simon Horman <horms@...nel.org>,
	Hyunwoo Kim <v4bel@...ori.io>,
	Jakub Kicinski <kuba@...nel.org>,
	Michal Luczaj <mhal@...x.co>,
	virtualization@...ts.linux.dev,
	Bobby Eshleman <bobby.eshleman@...edance.com>,
	stable@...r.kernel.org
Subject: [PATCH net v2 4/5] vsock: reset socket state when de-assigning the transport

Transport's release() and destruct() are called when de-assigning the
vsock transport. These callbacks can touch some socket state like
sock flags, sk_state, and peer_shutdown.

Since we are reassigning the socket to a new transport during
vsock_connect(), let's reset these fields to have a clean state with
the new transport.

Fixes: c0cfa2d8a788 ("vsock: add multi-transports support")
Cc: stable@...r.kernel.org
Signed-off-by: Stefano Garzarella <sgarzare@...hat.com>
---
 net/vmw_vsock/af_vsock.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index 5cf8109f672a..74d35a871644 100644
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af_vsock.c
@@ -491,6 +491,15 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk)
 		 */
 		vsk->transport->release(vsk);
 		vsock_deassign_transport(vsk);
+
+		/* transport's release() and destruct() can touch some socket
+		 * state, since we are reassigning the socket to a new transport
+		 * during vsock_connect(), let's reset these fields to have a
+		 * clean state.
+		 */
+		sock_reset_flag(sk, SOCK_DONE);
+		sk->sk_state = TCP_CLOSE;
+		vsk->peer_shutdown = 0;
 	}
 
 	/* We increase the module refcnt to prevent the transport unloading
-- 
2.47.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ