From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Cyrus-Session-Id: sloti22d1t05-3190956-1523476450-2-923975186635811954 X-Sieve: CMU Sieve 3.0 X-Spam-known-sender: no X-Spam-score: 0.0 X-Spam-hits: BAYES_00 -1.9, HEADER_FROM_DIFFERENT_DOMAINS 0.25, MAILING_LIST_MULTI -1, ME_NOAUTH 0.01, RCVD_IN_DNSWL_HI -5, LANGUAGES en, BAYES_USED global, SA_VERSION 3.4.0 X-Spam-source: IP='209.132.180.67', Host='vger.kernel.org', Country='US', FromHeader='org', MailFrom='org' X-Spam-charsets: plain='UTF-8' X-Resolved-to: greg@kroah.com X-Delivered-to: greg@kroah.com X-Mail-from: stable-owner@vger.kernel.org ARC-Seal: i=1; a=rsa-sha256; cv=none; d=messagingengine.com; s=fm2; t= 1523476449; b=B02XZ8ZCkoh3u10XcieDg+M7/Lg67wyPtmw2iMabUAFXFIBp2o bnGC8iRmXZ06LvcNhqSHb2rYJ3rN5Cp9JsZRCpF8dwx53tirdbby+hxNzWWTKSdN iI/k5KruH4s+8zJZWFOsl5pbPiy2h7SvYR73Xvy4oZCprvCR1Y9rx4t57kVIQFmy cPPUNz/NsxosznH6ZuBN7wzRhm5t3Ni5TNqMPGuKOO1lpgNXyj8qla9y6OxLrLcC XD7XM96vExbkHe6UMuL+Kuv1P/p7dY7H1TqDKJaCedI53UYvcShaqBjmxmPF47ZS 6N8Ku/mXU0sYRiLa297RxGkpm4xeqZIC8rwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-type:sender :list-id; s=fm2; t=1523476449; bh=il4F87FyBnASPjt1bJnFwIPedVzB2p Dz2qEwSKsilfk=; b=FdzxxT6HatNwXZ9NPJlNESUrg9D6z+ejCbfJUBEOTDImS6 MoZHvSNewfjtIATsP4DrQgaVLEj14C+kQUISanhIVTanxBY4tLCPM92sLrVg5H2r QwWsBXdtt8Ivo9bOlz8YhBQhUWtbUODbYKpEACHW50+nDp/67AO+vaAIAyQxadgT Rl9VUSgw4G4WZiFHMndr8bEe8I+x54P/rlta4EYIgfVFmr8vzhADjdZ5nu0m3H77 LbPo1Ab6DW7zY09QscBl6so/2z/SbA/pbgcf4L9v3G+umFHwQVJ4tHq/XLwIumVa AwB4rxM5kYNzH+6bmjgfx2II9+Zk0DIwVX8gbfQA== ARC-Authentication-Results: i=1; mx3.messagingengine.com; arc=none (no signatures found); dkim=none (no signatures found); dmarc=none (p=none,has-list-id=yes,d=none) header.from=linuxfoundation.org; iprev=pass policy.iprev=209.132.180.67 (vger.kernel.org); spf=none smtp.mailfrom=stable-owner@vger.kernel.org smtp.helo=vger.kernel.org; x-aligned-from=fail; x-cm=none score=0; x-ptr=pass x-ptr-helo=vger.kernel.org x-ptr-lookup=vger.kernel.org; x-return-mx=pass smtp.domain=vger.kernel.org smtp.result=pass smtp_org.domain=kernel.org smtp_org.result=pass smtp_is_org_domain=no header.domain=linuxfoundation.org header.result=pass header_is_org_domain=yes; x-vs=clean score=-100 state=0 Authentication-Results: mx3.messagingengine.com; arc=none (no signatures found); dkim=none (no signatures found); dmarc=none (p=none,has-list-id=yes,d=none) header.from=linuxfoundation.org; iprev=pass policy.iprev=209.132.180.67 (vger.kernel.org); spf=none smtp.mailfrom=stable-owner@vger.kernel.org smtp.helo=vger.kernel.org; x-aligned-from=fail; x-cm=none score=0; x-ptr=pass x-ptr-helo=vger.kernel.org x-ptr-lookup=vger.kernel.org; x-return-mx=pass smtp.domain=vger.kernel.org smtp.result=pass smtp_org.domain=kernel.org smtp_org.result=pass smtp_is_org_domain=no header.domain=linuxfoundation.org header.result=pass header_is_org_domain=yes; x-vs=clean score=-100 state=0 X-ME-VSCategory: clean X-CM-Envelope: MS4wfFf+D6wqr+7r8VBY5RUg0GmnL/zSvqyF52n6eNVSk3ahj+kBuJuQcay7nuSnudOF4VXazrMDVKOP4RGt+hV5Mdv3wsYHKWdXxkCgIQ6rn0mu1pLPCeeQ cyxVSEJBB4P1NUD8BjKcS5pkhlJRaZtKpBJSk27/7rB3BAD7dQDDSYLwD1nBYAtBKHL7guMAidLhGcDhcAlJMe1zAD7PzmJ0xkO783GOvSqrzfcBit8vJSRB X-CM-Analysis: v=2.3 cv=Tq3Iegfh c=1 sm=1 tr=0 a=UK1r566ZdBxH71SXbqIOeA==:117 a=UK1r566ZdBxH71SXbqIOeA==:17 a=IkcTkHD0fZMA:10 a=Kd1tUaAdevIA:10 a=pGLkceISAAAA:8 a=J1Y8HTJGAAAA:8 a=yMhMjlubAAAA:8 a=ag1SF4gXAAAA:8 a=8QyaLQAlnL_XF40ULzwA:9 a=QEXdDO2ut3YA:10 a=y1Q9-5lHfBjTkpIzbSAN:22 a=Yupwre4RP9_Eg_Bd0iYG:22 X-ME-CMScore: 0 X-ME-CMCategory: none Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754171AbeDKS5q (ORCPT ); Wed, 11 Apr 2018 14:57:46 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:36404 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754153AbeDKS5o (ORCPT ); Wed, 11 Apr 2018 14:57:44 -0400 From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Lin Zhang , "David S. Miller" , Sasha Levin Subject: [PATCH 4.9 117/310] net: llc: add lock_sock in llc_ui_bind to avoid a race condition Date: Wed, 11 Apr 2018 20:34:16 +0200 Message-Id: <20180411183627.204637839@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180411183622.305902791@linuxfoundation.org> References: <20180411183622.305902791@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: stable-owner@vger.kernel.org X-Mailing-List: stable@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-Mailing-List: linux-kernel@vger.kernel.org List-ID: 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: linzhang [ Upstream commit 0908cf4dfef35fc6ac12329007052ebe93ff1081 ] There is a race condition in llc_ui_bind if two or more processes/threads try to bind a same socket. If more processes/threads bind a same socket success that will lead to two problems, one is this action is not what we expected, another is will lead to kernel in unstable status or oops(in my simple test case, cause llc2.ko can't unload). The current code is test SOCK_ZAPPED bit to avoid a process to bind a same socket twice but that is can't avoid more processes/threads try to bind a same socket at the same time. So, add lock_sock in llc_ui_bind like others, such as llc_ui_connect. Signed-off-by: Lin Zhang Signed-off-by: David S. Miller Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- net/llc/af_llc.c | 3 +++ 1 file changed, 3 insertions(+) --- a/net/llc/af_llc.c +++ b/net/llc/af_llc.c @@ -309,6 +309,8 @@ static int llc_ui_bind(struct socket *so int rc = -EINVAL; dprintk("%s: binding %02X\n", __func__, addr->sllc_sap); + + lock_sock(sk); if (unlikely(!sock_flag(sk, SOCK_ZAPPED) || addrlen != sizeof(*addr))) goto out; rc = -EAFNOSUPPORT; @@ -380,6 +382,7 @@ static int llc_ui_bind(struct socket *so out_put: llc_sap_put(sap); out: + release_sock(sk); return rc; }