forked from luck/tmp_suning_uos_patched
ip: Fix data-races around sysctl_ip_prot_sock.
[ Upstream commit 9b55c20f83369dd54541d9ddbe3a018a8377f451 ]
sysctl_ip_prot_sock is accessed concurrently, and there is always a chance
of data-race. So, all readers and writers need some basic protection to
avoid load/store-tearing.
Fixes: 4548b683b7
("Introduce a sysctl that modifies the value of PROT_SOCK.")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
parent
e045d672ba
commit
9add240f76
|
@ -352,7 +352,7 @@ static inline bool sysctl_dev_name_is_allowed(const char *name)
|
|||
|
||||
static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port)
|
||||
{
|
||||
return port < net->ipv4.sysctl_ip_prot_sock;
|
||||
return port < READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
|
||||
}
|
||||
|
||||
#else
|
||||
|
|
|
@ -95,7 +95,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write,
|
|||
* port limit.
|
||||
*/
|
||||
if ((range[1] < range[0]) ||
|
||||
(range[0] < net->ipv4.sysctl_ip_prot_sock))
|
||||
(range[0] < READ_ONCE(net->ipv4.sysctl_ip_prot_sock)))
|
||||
ret = -EINVAL;
|
||||
else
|
||||
set_local_port_range(net, range);
|
||||
|
@ -121,7 +121,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
|
|||
.extra2 = &ip_privileged_port_max,
|
||||
};
|
||||
|
||||
pports = net->ipv4.sysctl_ip_prot_sock;
|
||||
pports = READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
|
||||
|
||||
ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
|
||||
|
||||
|
@ -133,7 +133,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
|
|||
if (range[0] < pports)
|
||||
ret = -EINVAL;
|
||||
else
|
||||
net->ipv4.sysctl_ip_prot_sock = pports;
|
||||
WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
|
Loading…
Reference in New Issue
Block a user