net: Fix a data-race around sysctl_somaxconn.
authorKuniyuki Iwashima <kuniyu@amazon.com>
Tue, 23 Aug 2022 17:47:00 +0000 (10:47 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 5 Sep 2022 08:23:55 +0000 (10:23 +0200)
[ Upstream commit 3c9ba81d72047f2e81bb535d42856517b613aba7 ]

While reading sysctl_somaxconn, it can be changed concurrently.
Thus, we need to add READ_ONCE() to its reader.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/socket.c

index ab64ae80ca2cd7c361572fcd2f6a6c58713e6fd0..6f1abcba0e3606aa73fab7ea03feca2c439ed4a6 100644 (file)
@@ -1403,7 +1403,7 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog)
 
        sock = sockfd_lookup_light(fd, &err, &fput_needed);
        if (sock) {
-               somaxconn = sock_net(sock->sk)->core.sysctl_somaxconn;
+               somaxconn = READ_ONCE(sock_net(sock->sk)->core.sysctl_somaxconn);
                if ((unsigned int)backlog > somaxconn)
                        backlog = somaxconn;