diff options
author | Ursula Braun <ubraun@linux.ibm.com> | 2018-08-08 14:13:19 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2018-08-09 04:14:22 +0200 |
commit | caa21e19e08d7a1445116a93f7ab4e187ebbbadb (patch) | |
tree | 5cc5dccf2d25d7305186bbf5cf94e67563f8d9bf | |
parent | net: aquantia: Fix IFF_ALLMULTI flag functionality (diff) | |
download | linux-caa21e19e08d7a1445116a93f7ab4e187ebbbadb.tar.xz linux-caa21e19e08d7a1445116a93f7ab4e187ebbbadb.zip |
net/smc: no shutdown in state SMC_LISTEN
Invoking shutdown for a socket in state SMC_LISTEN does not make
sense. Nevertheless programs like syzbot fuzzing the kernel may
try to do this. For SMC this means a socket refcounting problem.
This patch makes sure a shutdown call for an SMC socket in state
SMC_LISTEN simply returns with -ENOTCONN.
Signed-off-by: Ursula Braun <ubraun@linux.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/smc/af_smc.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/net/smc/af_smc.c b/net/smc/af_smc.c index 05e4ffe5aabd..1288c7bf40d5 100644 --- a/net/smc/af_smc.c +++ b/net/smc/af_smc.c @@ -1397,8 +1397,7 @@ static int smc_shutdown(struct socket *sock, int how) lock_sock(sk); rc = -ENOTCONN; - if ((sk->sk_state != SMC_LISTEN) && - (sk->sk_state != SMC_ACTIVE) && + if ((sk->sk_state != SMC_ACTIVE) && (sk->sk_state != SMC_PEERCLOSEWAIT1) && (sk->sk_state != SMC_PEERCLOSEWAIT2) && (sk->sk_state != SMC_APPCLOSEWAIT1) && |