Commit e85d33b3 authored Feb 28, 2025 by Geliang Tang Committed by Jakub Kicinski Mar 04, 2025

mptcp: pm: in-kernel: avoid access entry without lock



In mptcp_pm_nl_set_flags(), "entry" is copied to "local" when pernet->lock
is held to avoid direct access to entry without pernet->lock.

Therefore, "local->flags" should be passed to mptcp_nl_set_flags instead
of "entry->flags" when pernet->lock is not held, so as to avoid access to
entry.

Signed-off-by: Geliang Tang <tanggeliang@kylinos.cn>
Fixes: 145dc6cc ("mptcp: pm: change to fullmesh only for 'subflow'")
Reviewed-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Link: https://patch.msgid.link/20250228-net-next-mptcp-coverage-small-opti-v1-3-f933c4275676@kernel.org


Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent ba240016

net/mptcp/pm_netlink.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1983,7 +1983,7 @@ int mptcp_pm_nl_set_flags(struct mptcp_pm_addr_entry *local,
		local = entry;
		spin_unlock_bh(&pernet->lock);

		mptcp_nl_set_flags(net, &local->addr, entry->flags, changed);
		mptcp_nl_set_flags(net, &local->addr, local->flags, changed);
		return 0;
		}