kcm: Call strp_stop before strp_done in kcm_attach
authorTom Herbert <tom@quantonium.net>
Wed, 14 Feb 2018 17:22:42 +0000 (09:22 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 16 May 2018 08:10:23 +0000 (10:10 +0200)
commit dff8baa261174de689a44572d0ea182d7aa70598 upstream.

In kcm_attach strp_done is called when sk_user_data is already
set to fail the attach. strp_done needs the strp to be stopped and
warns if it isn't. Call strp_stop in this case to eliminate the
warning message.

Reported-by: syzbot+88dfb55e4c8b770d86e3@syzkaller.appspotmail.com
Fixes: e5571240236c5652f ("kcm: Check if sk_user_data already set in kcm_attach"
Signed-off-by: Tom Herbert <tom@quantonium.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/kcm/kcmsock.c

index 9db49805b7be68bcf1cdd9c333531d357266a636..01a4ff3df60b6015cfe4e7127cfdd139be03c4a1 100644 (file)
@@ -1425,6 +1425,7 @@ static int kcm_attach(struct socket *sock, struct socket *csock,
         */
        if (csk->sk_user_data) {
                write_unlock_bh(&csk->sk_callback_lock);
+               strp_stop(&psock->strp);
                strp_done(&psock->strp);
                kmem_cache_free(kcm_psockp, psock);
                err = -EALREADY;