Commit b98e1a04 authored by Jeremy Kerr's avatar Jeremy Kerr Committed by David S. Miller
Browse files

net: mctp: mark socks as dead on unhash, prevent re-add 



Once a socket has been unhashed, we want to prevent it from being
re-used in a sk_key entry as part of a routing operation.

This change marks the sk as SOCK_DEAD on unhash, which prevents addition
into the net's key list.

We need to do this during the key add path, rather than key lookup, as
we release the net keys_lock between those operations.

Fixes: 4a992bbd ("mctp: Implement message fragmentation & reassembly")
Signed-off-by: default avatarJeremy Kerr <jk@codeconstruct.com.au>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 6e54ea37

net/mctp/af_mctp.c

+1 −0
Original line number Diff line number Diff line
@@ -577,6 +577,7 @@ static void mctp_sk_unhash(struct sock *sk) 
		spin_lock_irqsave(&key->lock, fl2);

		__mctp_key_remove(key, net, fl2, MCTP_TRACE_KEY_CLOSED);

	}

	sock_set_flag(sk, SOCK_DEAD);

	spin_unlock_irqrestore(&net->mctp.keys_lock, flags);



	/* Since there are no more tag allocations (we have removed all of the

net/mctp/route.c

+6 −0
Original line number Diff line number Diff line
@@ -179,6 +179,11 @@ static int mctp_key_add(struct mctp_sk_key *key, struct mctp_sock *msk) 


	spin_lock_irqsave(&net->mctp.keys_lock, flags);



	if (sock_flag(&msk->sk, SOCK_DEAD)) {

		rc = -EINVAL;

		goto out_unlock;

	}



	hlist_for_each_entry(tmp, &net->mctp.keys, hlist) {

		if (mctp_key_match(tmp, key->local_addr, key->peer_addr,

				   key->tag)) {
@@ -200,6 +205,7 @@ static int mctp_key_add(struct mctp_sk_key *key, struct mctp_sock *msk) 
		hlist_add_head(&key->sklist, &msk->keys);

	}



out_unlock:

	spin_unlock_irqrestore(&net->mctp.keys_lock, flags);



	return rc;