[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250203080449.1988-1-hdanton@sina.com>
Date: Mon, 3 Feb 2025 16:04:48 +0800
From: Hillf Danton <hdanton@...a.com>
To: syzbot <syzbot+3433b5cb8b2b70933f8d@...kaller.appspotmail.com>
Cc: linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [net?] possible deadlock in do_ipv6_setsockopt (4)
On Sun, 02 Feb 2025 14:01:18 -0800
> syzbot has found a reproducer for the following issue on:
>
> HEAD commit: c2933b2befe2 Merge tag 'net-6.14-rc1' of git://git.kernel...
> git tree: net-next
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12c69724580000
#syz test
--- x/net/smc/af_smc.c
+++ y/net/smc/af_smc.c
@@ -1597,6 +1597,7 @@ static void smc_connect_work(struct work
rc = 0;
}
release_sock(smc->clcsock->sk);
+ rtnl_lock();
lock_sock(&smc->sk);
if (rc != 0 || smc->sk.sk_err) {
smc->sk.sk_state = SMC_CLOSED;
@@ -1624,6 +1625,7 @@ out:
}
}
release_sock(&smc->sk);
+ rtnl_unlock();
}
int smc_connect(struct socket *sock, struct sockaddr *addr,
@@ -1641,6 +1643,7 @@ int smc_connect(struct socket *sock, str
if (addr->sa_family != AF_INET && addr->sa_family != AF_INET6)
goto out_err;
+ rtnl_lock();
lock_sock(sk);
switch (sock->state) {
default:
@@ -1703,6 +1706,7 @@ connected:
sock->state = SS_CONNECTED;
out:
release_sock(sk);
+ rtnl_unlock();
out_err:
return rc;
}
--- x/net/smc/smc_core.c
+++ y/net/smc/smc_core.c
@@ -1888,6 +1888,7 @@ int smc_vlan_by_tcpsk(struct socket *clc
struct net_device *ndev;
int rc = 0;
+ ASSERT_RTNL();
ini->vlan_id = 0;
if (!dst) {
rc = -ENOTCONN;
@@ -1905,9 +1906,7 @@ int smc_vlan_by_tcpsk(struct socket *clc
}
priv.data = (void *)&ini->vlan_id;
- rtnl_lock();
netdev_walk_all_lower_dev(ndev, smc_vlan_by_tcpsk_walk, &priv);
- rtnl_unlock();
out_rel:
dst_release(dst);
--
Powered by blists - more mailing lists