Commit 5de909a3 authored by Kuniyuki Iwashima's avatar Kuniyuki Iwashima Committed by Zhengchao Shao
Browse files

icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. 

mainline inclusion
from mainline-v5.19-rc7
commit d2efabce
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8MEXU
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d2efabce81db7eed1c98fa1a3f203f0edd738ac3



--------------------------------

While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed
concurrently.  Thus, we need to add READ_ONCE() to its reader.

Fixes: 1c2fb7f9 ("[IPV4]: Sysctl configurable icmp error source address.")
Signed-off-by: default avatarKuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>

Conflicts:
	net/ipv4/sysctl_net_ipv4.c

Signed-off-by: default avatarZhengchao Shao <shaozhengchao@huawei.com>
parent 94b41cc2

net/ipv4/icmp.c

+1 −1
Original line number Diff line number Diff line
@@ -703,7 +703,7 @@ void __icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info, 


		rcu_read_lock();

		if (rt_is_input_route(rt) &&

		    net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr)

		    READ_ONCE(net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr))

			dev = dev_get_by_index_rcu(net, inet_iif(skb_in));



		if (dev)

net/ipv4/sysctl_net_ipv4.c

+3 −1
Original line number Diff line number Diff line
@@ -613,7 +613,9 @@ static struct ctl_table ipv4_net_table[] = { 
		.data		= &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,

		.maxlen		= sizeof(int),

		.mode		= 0644,

		.proc_handler	= proc_dointvec

		.proc_handler	= proc_dointvec,

		.extra1		= SYSCTL_ZERO,

		.extra2		= SYSCTL_ONE

	},

	{

		.procname	= "icmp_ratelimit",