Commit 1b536948 authored by Kuniyuki Iwashima's avatar Kuniyuki Iwashima Committed by Paolo Abeni

af_unix: Annotate data-race of sk->sk_state in unix_accept().

Once sk->sk_state is changed to TCP_LISTEN, it never changes.

unix_accept() takes the advantage and reads sk->sk_state without
holding unix_state_lock().

Let's use READ_ONCE() there.

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: default avatarKuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
parent a9bf9c7d
...@@ -1710,7 +1710,7 @@ static int unix_accept(struct socket *sock, struct socket *newsock, ...@@ -1710,7 +1710,7 @@ static int unix_accept(struct socket *sock, struct socket *newsock,
goto out; goto out;
arg->err = -EINVAL; arg->err = -EINVAL;
if (sk->sk_state != TCP_LISTEN) if (READ_ONCE(sk->sk_state) != TCP_LISTEN)
goto out; goto out;
/* If socket state is TCP_LISTEN it cannot change (for now...), /* If socket state is TCP_LISTEN it cannot change (for now...),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment