Re: [PATCH net V2 1/1] net/smc: take sock lock in smc_ioctl()

From: Stefano Brivio
Date: Mon Jul 16 2018 - 09:14:57 EST

Next message: Marcel Holtmann: "Re: [PATCH] Bluetooth: avoid killing an already killed socket"
Previous message: Alan Cox: "Re: [PATCH 3/3] tty: support CIBAUD without BOTHER"
In reply to: Ursula Braun: "[PATCH net V2 1/1] net/smc: take sock lock in smc_ioctl()"
Next in thread: David Miller: "Re: [PATCH net V2 1/1] net/smc: take sock lock in smc_ioctl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 16 Jul 2018 13:56:52 +0200
Ursula Braun <ubraun@xxxxxxxxxxxxx> wrote:

> From: Ursula Braun <ursula.braun@xxxxxxxxxxxxx>
>
> SMC ioctl processing requires the sock lock to work properly in
> all thinkable scenarios.
> Problem has been found with RaceFuzzer and fixes:
> KASAN: null-ptr-deref Read in smc_ioctl
>
> Reported-by: Byoungyoung Lee <lifeasageek@xxxxxxxxx>
> Reported-by: syzbot+35b2c5aa76fd398b9fd4@xxxxxxxxxxxxxxxxxxxxxxxxx
> Signed-off-by: Ursula Braun <ubraun@xxxxxxxxxxxxx>

Reviewed-by: Stefano Brivio <sbrivio@xxxxxxxxxx>

--
Stefano

Next message: Marcel Holtmann: "Re: [PATCH] Bluetooth: avoid killing an already killed socket"
Previous message: Alan Cox: "Re: [PATCH 3/3] tty: support CIBAUD without BOTHER"
In reply to: Ursula Braun: "[PATCH net V2 1/1] net/smc: take sock lock in smc_ioctl()"
Next in thread: David Miller: "Re: [PATCH net V2 1/1] net/smc: take sock lock in smc_ioctl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]