+7
−0
Loading
anolis: net/smc: Avoid clcsock access panic
anolis inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I79GVV CVE: NA Reference: https://gitee.com/anolis/cloud-kernel/commit/6111a29e707fe83f89eb4dedc22e401b3c544389 -------------------------------- ANBZ: #1742 This patch is a set of the workaround for clcsock access panic. There are two kinds of invalid access of clcsock. 1) Access smc->clcsock when smc->clcsock is reset to NULL; 2) Access smc->clcsock->sk when sock_release(clcsock); In upstream implementation, only 1) happens, and it is fixed by c0bf3d8a ("net/smc: Transitional solution for clcsock race issue"). In anolis implementation, 1) and 2) are both reproduced. They are mainly triggered by c5e5a9f9c5d8 ("net/smc: Keep first contact clcsock"). In anolis smc implementation, The first contact's clcsock is saved in link struct and may be released during smc link clear. After that, if smc->clcsock is accessed, a NULL pointer panic will happen. This patch provides a workaround for these. To eradicate such issues, We may need to avoid using first contact's clcsock as erdma link. Fixes: c0bf3d8a ("net/smc: Transitional solution for clcsock race issue"). Signed-off-by:Wen Gu <guwen@linux.alibaba.com> Reviewed-by: