Commit 5a8db80f authored Apr 22, 2026 by Ruijie Li Committed by Jakub Kicinski Apr 23, 2026

net/smc: avoid early lgr access in smc_clc_wait_msg



A CLC decline can be received while the handshake is still in an early
stage, before the connection has been associated with a link group.

The decline handling in smc_clc_wait_msg() updates link-group level sync
state for first-contact declines, but that state only exists after link
group setup has completed. Guard the link-group update accordingly and
keep the per-socket peer diagnosis handling unchanged.

This preserves the existing sync_err handling for established link-group
contexts and avoids touching link-group state before it is available.

Fixes: 0cfdd8f9 ("smc: connection and link group creation")
Cc: stable@kernel.org
Reported-by: Yuan Tan <yuantan098@gmail.com>
Reported-by: Yifan Wu <yifanwucs@gmail.com>
Reported-by: Juefei Pu <tomapufckgml@gmail.com>
Reported-by: Xin Liu <bird@lzu.edu.cn>
Signed-off-by: Ruijie Li <ruijieli51@gmail.com>
Signed-off-by: Ren Wei <n05ec@lzu.edu.cn>
Reviewed-by: Dust Li <dust.li@linux.alibaba.com>
Link: https://patch.msgid.link/08c68a5c817acf198cce63d22517e232e8d60718.1776850759.git.ruijieli51@gmail.com


Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent 3d1f2072

net/smc/smc_clc.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -788,8 +788,8 @@ int smc_clc_wait_msg(struct smc_sock smc, void buf, int buflen,
		dclc = (struct smc_clc_msg_decline *)clcm;
		reason_code = SMC_CLC_DECL_PEERDECL;
		smc->peer_diagnosis = ntohl(dclc->peer_diagnosis);
		if (((struct smc_clc_msg_decline *)buf)->hdr.typev2 &
		SMC_FIRST_CONTACT_MASK) {
		if ((dclc->hdr.typev2 & SMC_FIRST_CONTACT_MASK) &&
		smc->conn.lgr) {
		smc->conn.lgr->sync_err = 1;
		smc_lgr_terminate_sched(smc->conn.lgr);
		}