public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/net/mptcp
History
Paolo Abeni 56a666c48b mptcp: fix possible list corruption on passive MPJ 
At passive MPJ time, if the msk socket lock is held by the user,
the new subflow is appended to the msk->join_list under the msk
data lock.

In mptcp_release_cb()/__mptcp_flush_join_list(), the subflows in
that list are moved from the join_list into the conn_list under the
msk socket lock.

Append and removal could race, possibly corrupting such list.
Address the issue splicing the join list into a temporary one while
still under the msk data lock.

Found by code inspection, the race itself should be almost impossible
to trigger in practice.

Fixes: 3e5014909b ("mptcp: cleanup MPJ subflow list handling")
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2023-06-21 22:44:54 -07:00
..
bpf.c bpf: Add bpf_skc_to_mptcp_sock_proto 2022-05-20 15:29:00 -07:00
crypto.c
crypto_test.c
ctrl.c mptcp: Add a per-namespace sysctl to set the default path manager type 2022-04-29 17:25:14 -07:00
diag.c
fastopen.c mptcp: fix NULL pointer dereference on fastopen early fallback 2023-04-13 09:58:55 -07:00
Kconfig
Makefile mptcp: implement delayed seq generation for passive fastopen 2022-11-29 20:24:25 -08:00
mib.c mptcp: add more offered MIBs counter 2022-05-05 19:00:16 -07:00
mib.h mptcp: add more offered MIBs counter 2022-05-05 19:00:16 -07:00
mptcp_diag.c tcp: Access &tcp_hashinfo via net. 2022-09-20 10:21:49 -07:00
options.c mptcp: remove unused 'remaining' variable 2023-04-17 08:25:33 +01:00
pm.c mptcp: update userspace pm infos 2023-06-05 15:15:57 +01:00
pm_netlink.c mptcp: only send RM_ADDR in nl_cmd_remove 2023-06-05 15:15:57 +01:00
pm_userspace.c mptcp: update userspace pm infos 2023-06-05 15:15:57 +01:00
protocol.c mptcp: fix possible list corruption on passive MPJ 2023-06-21 22:44:54 -07:00
protocol.h mptcp: only send RM_ADDR in nl_cmd_remove 2023-06-05 15:15:57 +01:00
sockopt.c mptcp: move first subflow allocation at mpc access time 2023-04-17 08:18:34 +01:00
subflow.c mptcp: consolidate passive msk socket initialization 2023-06-01 10:04:04 -07:00
syncookies.c mptcp: don't return sockets in foreign netns 2021-09-24 10:51:36 +01:00
token.c mptcp: add statistics for mptcp socket in use 2023-01-09 07:30:50 +00:00
token_test.c mptcp: init sk->sk_prot in build_msk() 2023-01-09 07:30:50 +00:00