"56a666c48b038e91b76471289e2cf60c79d326b9" (history) in projects: openbmc

Searched hist:"56 a666c48b038e91b76471289e2cf60c79d326b9" (Results 1 – 1 of 1) sorted by relevance

/openbmc/linux/net/mptcp/
H A D	protocol.c	diff 56a666c48b038e91b76471289e2cf60c79d326b9 Tue Jun 20 11:24:20 CDT 2023 Paolo Abeni <pabeni@redhat.com> mptcp: fix possible list corruption on passive MPJ At passive MPJ time, if the msk socket lock is held by the user, the new subflow is appended to the msk->join_list under the msk data lock. In mptcp_release_cb()/__mptcp_flush_join_list(), the subflows in that list are moved from the join_list into the conn_list under the msk socket lock. Append and removal could race, possibly corrupting such list. Address the issue splicing the join list into a temporary one while still under the msk data lock. Found by code inspection, the race itself should be almost impossible to trigger in practice. Fixes: 3e5014909b56 ("mptcp: cleanup MPJ subflow list handling") Cc: stable@vger.kernel.org Signed-off-by: Paolo Abeni <pabeni@redhat.com> Reviewed-by: Matthieu Baerts <matthieu.baerts@tessares.net> Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net> Signed-off-by: Jakub Kicinski <kuba@kernel.org>