diff options
| author | Cong Wang <cong.wang@bytedance.com> | 2021-05-05 12:40:48 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2021-05-19 10:08:28 +0200 |
| commit | ca74d0dbaffa78f73d0f0238d63c64494452195b (patch) | |
| tree | 2595334d57dfd4b9c19b8e55374eca345af9de34 /mm | |
| parent | 2f9f92e2ecec63334af733f47d3f69cced8258e5 (diff) | |
| download | linux-stable-ca74d0dbaffa78f73d0f0238d63c64494452195b.tar.gz linux-stable-ca74d0dbaffa78f73d0f0238d63c64494452195b.tar.bz2 linux-stable-ca74d0dbaffa78f73d0f0238d63c64494452195b.zip | |
smc: disallow TCP_ULP in smc_setsockopt()
[ Upstream commit 8621436671f3a4bba5db57482e1ee604708bf1eb ]
syzbot is able to setup kTLS on an SMC socket which coincidentally
uses sk_user_data too. Later, kTLS treats it as psock so triggers a
refcnt warning. The root cause is that smc_setsockopt() simply calls
TCP setsockopt() which includes TCP_ULP. I do not think it makes
sense to setup kTLS on top of SMC sockets, so we should just disallow
this setup.
It is hard to find a commit to blame, but we can apply this patch
since the beginning of TCP_ULP.
Reported-and-tested-by: syzbot+b54a1ce86ba4a623b7f0@syzkaller.appspotmail.com
Fixes: 734942cc4ea6 ("tcp: ULP infrastructure")
Cc: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Karsten Graul <kgraul@linux.ibm.com>
Signed-off-by: Cong Wang <cong.wang@bytedance.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'mm')
0 files changed, 0 insertions, 0 deletions