diff options
author | Cong Wang <cong.wang@bytedance.com> | 2021-05-05 21:40:48 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2021-05-05 21:52:45 +0200 |
commit | 8621436671f3a4bba5db57482e1ee604708bf1eb (patch) | |
tree | 5a5dafac72732103c5eb548fc4a01242e40c70b3 /net/smc/smc_llc.h | |
parent | net: fix nla_strcmp to handle more then one trailing null character (diff) | |
download | linux-8621436671f3a4bba5db57482e1ee604708bf1eb.tar.xz linux-8621436671f3a4bba5db57482e1ee604708bf1eb.zip |
smc: disallow TCP_ULP in smc_setsockopt()
syzbot is able to setup kTLS on an SMC socket which coincidentally
uses sk_user_data too. Later, kTLS treats it as psock so triggers a
refcnt warning. The root cause is that smc_setsockopt() simply calls
TCP setsockopt() which includes TCP_ULP. I do not think it makes
sense to setup kTLS on top of SMC sockets, so we should just disallow
this setup.
It is hard to find a commit to blame, but we can apply this patch
since the beginning of TCP_ULP.
Reported-and-tested-by: syzbot+b54a1ce86ba4a623b7f0@syzkaller.appspotmail.com
Fixes: 734942cc4ea6 ("tcp: ULP infrastructure")
Cc: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Karsten Graul <kgraul@linux.ibm.com>
Signed-off-by: Cong Wang <cong.wang@bytedance.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/smc/smc_llc.h')
0 files changed, 0 insertions, 0 deletions