Commit 88d97f66 authored May 23, 2024 by Jason Xing Committed by Hui Tang May 23, 2024

netrom: Fix a data-race around sysctl_netrom_transport_timeout

stable inclusion
from stable-v5.10.213
commit 291d36d772f5ea5c68a263ee440f2c9eade371c9
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9Q95M
CVE: CVE-2024-27427

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=291d36d772f5ea5c68a263ee440f2c9eade371c9



--------------------------------

[ Upstream commit 60a7a152abd494ed4f69098cf0f322e6bb140612 ]

We need to protect the reader reading the sysctl value because the
value can be changed concurrently.

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: Jason Xing <kernelxing@tencent.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Hui Tang <tanghui20@huawei.com>

parent db8faa59

net/netrom/af_netrom.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -453,7 +453,7 @@ static int nr_create(struct net net, struct socket sock, int protocol,
		nr_init_timers(sk);

		nr->t1 =
		msecs_to_jiffies(sysctl_netrom_transport_timeout);
		msecs_to_jiffies(READ_ONCE(sysctl_netrom_transport_timeout));
		nr->t2 =
		msecs_to_jiffies(sysctl_netrom_transport_acknowledge_delay);
		nr->n2 =