[PATCH net 2/3] mptcp: hold pm lock when deleting entry

12 Nov 2024

From: Geliang Tang tanggeliang@kylinos.cn
When traversing userspace_pm_local_addr_list and deleting an entry from
it in mptcp_pm_nl_remove_doit(), msk->pm.lock should be held.
This patch holds this lock before mptcp_userspace_pm_lookup_addr_by_id()
and releases it after list_move() in mptcp_pm_nl_remove_doit().
Fixes: d9a4594edabf ("mptcp: netlink: Add MPTCP_PM_CMD_REMOVE")
Cc: stable@vger.kernel.org
Signed-off-by: Geliang Tang tanggeliang@kylinos.cn
Reviewed-by: Matthieu Baerts (NGI0) matttbe@kernel.org
Signed-off-by: Matthieu Baerts (NGI0) matttbe@kernel.org
---
 net/mptcp/pm_userspace.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c
index 3f888bfe1462ee3c75a3fb6eefe29cb712471410..e35178f5205faac4a9199df1ffca79085e4b7c68 100644
--- a/net/mptcp/pm_userspace.c
+++ b/net/mptcp/pm_userspace.c
@@ -308,14 +308,17 @@ int mptcp_pm_nl_remove_doit(struct sk_buff *skb, struct genl_info *info)
lock_sock(sk);
+	spin_lock_bh(&msk->pm.lock);
    match = mptcp_userspace_pm_lookup_addr_by_id(msk, id_val);
    if (!match) {
    	GENL_SET_ERR_MSG(info, "address with specified id not found");
+		spin_unlock_bh(&msk->pm.lock);
    	release_sock(sk);
    	goto out;
    }
list_move(&match->list, &free_list);
+	spin_unlock_bh(&msk->pm.lock);
mptcp_pm_remove_addrs(msk, &free_list);
-- 
2.45.2



    

2025

2024

2023

2022

2021

2020

2019

2018

2017

[PATCH net 2/3] mptcp: hold pm lock when deleting entry