Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752839AbdHOWQB (ORCPT ); Tue, 15 Aug 2017 18:16:01 -0400 Received: from mail-hk2apc01on0115.outbound.protection.outlook.com ([104.47.124.115]:26496 "EHLO APC01-HK2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751624AbdHOWP7 (ORCPT ); Tue, 15 Aug 2017 18:15:59 -0400 From: Dexuan Cui To: "davem@davemloft.net" , "netdev@vger.kernel.org" CC: "'gregkh@linuxfoundation.org'" <'gregkh@linuxfoundation.org'>, "devel@linuxdriverproject.org" , KY Srinivasan , Haiyang Zhang , "Stephen Hemminger" , George Zhang , Jorgen Hansen , Michal Kubecek , "Asias He" , Stefan Hajnoczi , "Vitaly Kuznetsov" , Cathy Avery , "jasowang@redhat.com" , Rolf Neugebauer , Dave Scott , "Marcelo Cerri" , "apw@canonical.com" , "olaf@aepfle.de" , "joe@perches.com" , "linux-kernel@vger.kernel.org" , Dan Carpenter Subject: [PATCH net-next 2/3] vsock: fix vsock_dequeue/enqueue_accept race Thread-Topic: [PATCH net-next 2/3] vsock: fix vsock_dequeue/enqueue_accept race Thread-Index: AdMWE/OcqyyawNZsSxaayApZ7QpUYg== Date: Tue, 15 Aug 2017 22:15:39 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Ref=https://api.informationprotection.azure.com/api/72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=decui@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2017-08-15T15:15:36.1457062-07:00; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General authentication-results: spf=none (sender IP is ) smtp.mailfrom=decui@microsoft.com; x-originating-ip: [167.220.1.80] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1;KL1P15301MB0037;6:0QZOxbbm73GEA824znP+N4MRGESoMi6XOxdKeR3d7bu7HjNgxYw82X+35b9O/MawOR/jl95NzvBPyai3lkn6w25DvLuvFBUaalnipxSguQDakfp16nmsyKtF46hNpHCt1pgSJ4140KGtwoOrPYyth7elQX7r2G8exWanuC4A94U9hXdeaxrmFcLyuY3MrDSPVbwnGW86sYpDN8Y00/KKgdWdodS7FtYzbGNOIObPC5K1OPmClHPTiCtlRrIL4HsQXrh4BqiViI6D/8z95KdE5yxfuz+e4zN3I4MgRg8+YOP0Dlm0MWcr+R8oyGQq71YbUw15lhbqeejKdOnKSwPF3g==;5:7NPqTpRkBt6m0QtdIt1eYUDuH/iFIjFBuu2QMyuh1K4Dtni18zMGf95ivp3tLbuszNB493mCvD/X4ABiO3tSmjkyi7i2Y7X/3oXOxYWp8NWa/G57T6EMXc21i/4Ep2nxwt9JCDAZ/WEuxtmWentn1w==;24:9p6yWr6BE6wjZpeqAsHw3Ef90tRxiQFeaIGwg9u/0OcueU8vWN0GoEugmFDzfcfgUxxi4Q/B5XKA+lwZNoEurdVqL2zthTudbCmY9i6wQ7s=;7:lqTcAhiOVz373TQOBJy27Hhwx/kQ83bFe7uTfWOokJwtL7pZYi2taecxS6nwv2+bCPCreHTKuhjHG7Ri9kNgAHzDUOwh5TSscV0EqDKQxw15cGMi6OWdv+adBm4K0qaRXhLdWsBQnRtSQuKkUZo+EHhDlPin1SeYGilgGnjUAJABYrIZuY1dLHLeIgfIYMi5Oa1unTiO7ntDylMSYx9ekdmHzYqyiPL9Df/VOX5JBSc= x-ms-office365-filtering-correlation-id: a15ca826-3e26-4b32-f637-08d4e42b29c4 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095);SRVR:KL1P15301MB0037; x-ms-traffictypediagnostic: KL1P15301MB0037: x-exchange-antispam-report-test: UriScan:(61668805478150)(89211679590171); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(8121501046)(5005006)(10201501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(6055026)(61426038)(61427038)(6041248)(20161123558100)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:KL1P15301MB0037;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:KL1P15301MB0037; x-forefront-prvs: 04004D94E2 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(6009001)(39860400002)(47760400005)(199003)(189002)(10090500001)(55016002)(9686003)(3846002)(86612001)(2900100001)(86362001)(7416002)(8936002)(8676002)(81166006)(81156014)(8990500004)(7696004)(97736004)(5005710100001)(53936002)(305945005)(7736002)(66066001)(6116002)(102836003)(189998001)(5660300001)(105586002)(106356001)(6506006)(33656002)(2906002)(10290500003)(101416001)(478600001)(6436002)(14454004)(50986999)(54356999)(25786009)(77096006)(4326008)(3280700002)(68736007)(74316002)(2501003)(3660700001);DIR:OUT;SFP:1102;SCL:1;SRVR:KL1P15301MB0037;H:KL1P15301MB0008.APCP153.PROD.OUTLOOK.COM;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Aug 2017 22:15:39.1426 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: KL1P15301MB0037 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nfs id v7FMG7dO023495 Content-Length: 1982 Lines: 59 With the current code, when vsock_dequeue_accept() is removing a sock from the list, nothing prevents vsock_enqueue_accept() from adding a new sock into the list concurrently. We should add a lock to protect the list. Signed-off-by: Dexuan Cui Cc: Andy King Cc: Dmitry Torokhov Cc: George Zhang Cc: Jorgen Hansen Cc: Reilly Grant Cc: Asias He Cc: Stefan Hajnoczi Cc: Vitaly Kuznetsov Cc: Cathy Avery Cc: K. Y. Srinivasan Cc: Haiyang Zhang Cc: Stephen Hemminger --- net/vmw_vsock/af_vsock.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index dfc8c51e..b7b2c66 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -126,6 +126,7 @@ static struct proto vsock_proto = { static const struct vsock_transport *transport; static DEFINE_MUTEX(vsock_register_mutex); +static DEFINE_SPINLOCK(vsock_accept_queue_lock); /**** EXPORTS ****/ @@ -406,7 +407,10 @@ void vsock_enqueue_accept(struct sock *listener, struct sock *connected) sock_hold(connected); sock_hold(listener); + + spin_lock(&vsock_accept_queue_lock); list_add_tail(&vconnected->accept_queue, &vlistener->accept_queue); + spin_unlock(&vsock_accept_queue_lock); } EXPORT_SYMBOL_GPL(vsock_enqueue_accept); @@ -423,7 +427,10 @@ static struct sock *vsock_dequeue_accept(struct sock *listener) vconnected = list_entry(vlistener->accept_queue.next, struct vsock_sock, accept_queue); + spin_lock(&vsock_accept_queue_lock); list_del_init(&vconnected->accept_queue); + spin_unlock(&vsock_accept_queue_lock); + sock_put(listener); /* The caller will need a reference on the connected socket so we let * it call sock_put(). -- 2.7.4