ip: Fix data-races around sysctl_ip_prot_sock.

[ Upstream commit 9b55c20f83369dd54541d9ddbe3a018a8377f451 ]

sysctl_ip_prot_sock is accessed concurrently, and there is always a chance
of data-race.  So, all readers and writers need some basic protection to
avoid load/store-tearing.

Fixes: 4548b683b7 ("Introduce a sysctl that modifies the value of PROT_SOCK.")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Kuniyuki Iwashima 2022-07-18 10:26:42 -07:00 committed by Greg Kroah-Hartman
parent e045d672ba
commit 9add240f76
2 changed files with 4 additions and 4 deletions

View File

@ -352,7 +352,7 @@ static inline bool sysctl_dev_name_is_allowed(const char *name)
static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port)
{
return port < net->ipv4.sysctl_ip_prot_sock;
return port < READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
}
#else

View File

@ -95,7 +95,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write,
* port limit.
*/
if ((range[1] < range[0]) ||
(range[0] < net->ipv4.sysctl_ip_prot_sock))
(range[0] < READ_ONCE(net->ipv4.sysctl_ip_prot_sock)))
ret = -EINVAL;
else
set_local_port_range(net, range);
@ -121,7 +121,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
.extra2 = &ip_privileged_port_max,
};
pports = net->ipv4.sysctl_ip_prot_sock;
pports = READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
@ -133,7 +133,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
if (range[0] < pports)
ret = -EINVAL;
else
net->ipv4.sysctl_ip_prot_sock = pports;
WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
}
return ret;