ip: Fix data-races around sysctl_ip_prot_sock.

stable inclusion from stable-v5.10.134 commit 9add240f76af6d141d2eebd3a1558a0e503a993d category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5ZVR7 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9add240f76af6d141d2eebd3a1558a0e503a993d -------------------------------- [ Upstream commit 9b55c20f ] sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. Fixes: 4548b683 ("Introduce a sysctl that modifies the value of PROT_SOCK.") Signed-off-by: N Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: N David S. Miller <davem@davemloft.net> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com>

ip: Fix data-races around sysctl_ip_prot_sock.
stable inclusion from stable-v5.10.134 commit 9add240f76af6d141d2eebd3a1558a0e503a993d category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5ZVR7 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9add240f76af6d141d2eebd3a1558a0e503a993d -------------------------------- [ Upstream commit 9b55c20f ] sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. Fixes: 4548b683 ("Introduce a sysctl that modifies the value of PROT_SOCK.") Signed-off-by: N Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: N David S. Miller <davem@davemloft.net> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com>
7d4800cf · Kuniyuki Iwashima · Zheng Zengkai · 426d22fc · 7d4800cf · 7d4800cf
隐藏空白更改
内联并排

Showing with 4 addition and 4 deletion

include/net/ip.h include/net/ip.h +1 -1

net/ipv4/sysctl_net_ipv4.c net/ipv4/sysctl_net_ipv4.c +3 -3

未找到文件。
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -355,7 +355,7 @@ static inline bool sysctl_dev_name_is_allowed(const char *name)
 static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port)
 {
-	return port < net->ipv4.sysctl_ip_prot_sock;
+	return port < READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
 }
 #else

--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -95,7 +95,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write,
 		 * port limit.
 		 */
 		if ((range[1] < range[0]) ||
-		    (range[0] < net->ipv4.sysctl_ip_prot_sock))
+		    (range[0] < READ_ONCE(net->ipv4.sysctl_ip_prot_sock)))
 			ret = -EINVAL;
 		else
 			set_local_port_range(net, range);
@@ -121,7 +121,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
 		.extra2 = &ip_privileged_port_max,
 	};
-	pports = net->ipv4.sysctl_ip_prot_sock;
+	pports = READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
 	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
@@ -133,7 +133,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
 		if (range[0] < pports)
 			ret = -EINVAL;
 		else
-			net->ipv4.sysctl_ip_prot_sock = pports;
+			WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
 	}
 	return ret;