Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp3549425pxp; Tue, 15 Mar 2022 00:26:58 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz0oDHg/x+fT9N58uqAqDNcY0VmPA4powbhK4lzs5WtcX2eE6MaYl9OPf4u2qDGUd72NShh X-Received: by 2002:a05:6a00:1381:b0:4f6:e4ba:2d64 with SMTP id t1-20020a056a00138100b004f6e4ba2d64mr26805817pfg.24.1647329218165; Tue, 15 Mar 2022 00:26:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1647329218; cv=none; d=google.com; s=arc-20160816; b=O/LCgbBkzGEBmZ/pEWrXHjNX0rh1tBaYSESuVsD46X2cREsotN5WM02zyfkVffvadC 1lKFk4oMtoG7PZgjsgLKHU9k6qSamAtNi1HN3Z3BColyG2D4SqHc/Rd8ivKv0c/y/pgR j8neX3N9AKPZWPBb9DIvpiY9+EHRpoTl7Fb/hVCOgID0zfWiG65Xb/MWWuy9h9nKyczG VBhV5oRiyJZ7mAeMDkqJPtnUwFeuUL9kpSDX4isA/r1wmdLXK+z5TJYJcegOZ4ufmUom EBPSdgqMne/ErjGhuqJdsoy7JvmPGbFRO9Bh82exEi3a7hJgEgDjMn0Ppdqw5Tb3LGbf Cm+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=NTx6u7xiv/u4aBaAgrMPaZrmnOxIZ1cpYmX0dLIBgzg=; b=ziORNbzFU4nDTCIuU8jltgsGkzb9aq8JOSSXgmoRG/lXaXFIkK2jnAVLkH5gMmoUXk UD69HNM7SkiL3kSz+bR+18hqmRACBTv2Dh0B+VGg0e2GmYwww+2xwuCc6yCDE1z11dTb eCu4niyaE+Kt4f9inzagxfu8wSJPP0qgqEI1xnjcT5KUKkBek6/kxO5b3w/9+LkJM/hW bZwwV0kD2yLz4H9NPRMpjjAT/4T0ZwqtDNIbDSjX/sGug9qBioZl+K2EolGXsXIDImPM yeM7nz2GQVN1v0+wZ5lh1ntvF6RGxLTZeJ7kND/L7dYvtmcBTulN8YM/IEUifc/izz0J KdVA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=nlMHU1Um; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a9-20020a170902ecc900b001519612b337si17886634plh.147.2022.03.15.00.26.45; Tue, 15 Mar 2022 00:26:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=nlMHU1Um; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242592AbiCNMTM (ORCPT + 99 others); Mon, 14 Mar 2022 08:19:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35208 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242471AbiCNMKD (ORCPT ); Mon, 14 Mar 2022 08:10:03 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4C03B17A91; Mon, 14 Mar 2022 05:08:27 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 99F39B80DF2; Mon, 14 Mar 2022 12:08:25 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 632A7C340E9; Mon, 14 Mar 2022 12:08:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1647259704; bh=onYlknSgLwbgYWqir8BhpYuP5iyE2EdA/Jrp4+PEz4E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nlMHU1UmaWvY3cFtrr2+WTFw82XDMYp+tMlRDttTfkTLnIFuK2g0lE7jNneo6bGjN UVvLrF6kbHau0kqfgjE34ped/8CElsgH11ziVOzzDm/mfaCZqF32nC+tcDqMD+XVyI pb7boUyuvjVPArrL9rzeq0J1BFCwSf92aeqm3t7M= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Niels Dossche , David Ahern , Niels Dossche , Jakub Kicinski , Sasha Levin Subject: [PATCH 5.15 069/110] ipv6: prevent a possible race condition with lifetimes Date: Mon, 14 Mar 2022 12:54:11 +0100 Message-Id: <20220314112744.961724588@linuxfoundation.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220314112743.029192918@linuxfoundation.org> References: <20220314112743.029192918@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Niels Dossche [ Upstream commit 6c0d8833a605e195ae219b5042577ce52bf71fff ] valid_lft, prefered_lft and tstamp are always accessed under the lock "lock" in other places. Reading these without taking the lock may result in inconsistencies regarding the calculation of the valid and preferred variables since decisions are taken on these fields for those variables. Signed-off-by: Niels Dossche Reviewed-by: David Ahern Signed-off-by: Niels Dossche Link: https://lore.kernel.org/r/20220223131954.6570-1-niels.dossche@ugent.be Signed-off-by: Jakub Kicinski Signed-off-by: Sasha Levin --- net/ipv6/addrconf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index e852bbc839dd..1fe27807e471 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -5000,6 +5000,7 @@ static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa, nla_put_s32(skb, IFA_TARGET_NETNSID, args->netnsid)) goto error; + spin_lock_bh(&ifa->lock); if (!((ifa->flags&IFA_F_PERMANENT) && (ifa->prefered_lft == INFINITY_LIFE_TIME))) { preferred = ifa->prefered_lft; @@ -5021,6 +5022,7 @@ static int inet6_fill_ifaddr(struct sk_buff *skb, struct inet6_ifaddr *ifa, preferred = INFINITY_LIFE_TIME; valid = INFINITY_LIFE_TIME; } + spin_unlock_bh(&ifa->lock); if (!ipv6_addr_any(&ifa->peer_addr)) { if (nla_put_in6_addr(skb, IFA_LOCAL, &ifa->addr) < 0 || -- 2.34.1