android/android_kernel_samsung_sm8650
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5b4439c0d7
android_kernel_samsung_sm8650/net
History
Jakub Kicinski 5b4439c0d7 UPSTREAM: tls: fix race between async notify and socket close 
[ Upstream commit aec7961916f3f9e88766e2688992da6980f11b8d ]

The submitting thread (one which called recvmsg/sendmsg)
may exit as soon as the async crypto handler calls complete()
so any code past that point risks touching already freed data.

Try to avoid the locking and extra flags altogether.
Have the main thread hold an extra reference, this way
we can depend solely on the atomic ref counter for
synchronization.

Don't futz with reiniting the completion, either, we are now
tightly controlling when completion fires.

Bug: 326214245
Reported-by: valis <sec@valis.email>
Fixes: 0cada33241 ("net/tls: fix race condition causing kernel panic")
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 7a3ca06d04d589deec81f56229a9a9d62352ce01)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: Idda32dd68ed26ae5c85c985305f52c3b2245e32c
2024-04-09 13:05:29 +01:00
..
6lowpan
9p Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2022-12-31 13:33:02 +01:00
8021q Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
appletalk Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
atm Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
ax25
batman-adv Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
bluetooth Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
bpf Revert "bpf, test_run: fix &xdp_frame misplacement for LIVE_FRAMES" 2023-03-17 08:50:32 +01:00
bpfilter
bridge Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-17 08:50:24 +01:00
can Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
ceph UPSTREAM: libceph: harden msgr2.1 frame segment length checks 2023-10-24 17:39:17 +00:00
core Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
dcb net: dcb: choose correct policy to parse DCB_ATTR_BCN 2023-08-11 12:08:17 +02:00
dccp This is the 6.1.63 stable release 2023-11-27 16:59:46 +00:00
devlink devlink: remove reload failed checks in params get/set callbacks 2023-09-23 11:11:01 +02:00
dns_resolver Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
dsa net: dsa: sja1105: always enable the send_meta options 2023-07-19 16:22:06 +02:00
ethernet
ethtool Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
hsr hsr: Prevent use after free in prp_create_tagged_frame() 2023-11-20 11:52:15 +01:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-10-07 09:29:17 +02:00
ife Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
ipv4 Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
ipv6 Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
iucv net/iucv: Fix size of interrupt data 2023-03-22 13:33:50 +01:00
kcm kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). 2023-09-19 12:28:10 +02:00
key net: af_key: fix sadb_x_filter validation 2023-08-23 17:52:32 +02:00
l2tp Revert "udp: annotate data-races around udp->encap_type" 2024-01-15 11:39:07 +00:00
l3mdev
lapb
llc llc: verify mac len before reading mac header 2023-11-20 11:52:15 +01:00
mac80211 Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-05 09:53:08 +01:00
mctp mctp: perform route lookups under a RCU read-side lock 2023-10-19 23:08:57 +02:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-22 12:59:53 +01:00
mptcp Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
ncsi Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
netfilter UPSTREAM: netfilter: nf_tables: disallow anonymous set with timeout flag 2024-04-08 16:15:41 +01:00
netlabel Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
netlink Revert "drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group" 2024-01-05 13:53:07 +00:00
netrom netrom: Deny concurrent connect(). 2023-09-13 09:42:35 +02:00
nfc Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
nsh net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() 2023-05-24 17:32:45 +01:00
openvswitch Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
packet packet: Move reference count in packet_sock to atomic_long_t 2023-12-13 18:39:20 +01:00
phonet
psample psample: Require 'CAP_NET_ADMIN' when joining "packets" group 2023-12-13 18:39:11 +01:00
qrtr Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
rds net: prevent address rewrite in kernel_bind() 2023-10-19 23:08:50 +02:00
rfkill Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
rose Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
rxrpc rxrpc: Fix hard call timeout units 2023-05-17 11:53:35 +02:00
sched Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
sctp Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
smc Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
strparser
sunrpc Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
switchdev
tipc tipc: Fix kernel-infoleak due to uninitialized TLV value 2023-11-28 17:07:05 +00:00
tls UPSTREAM: tls: fix race between async notify and socket close 2024-04-09 13:05:29 +01:00
unix bpf: sockmap, fix proto update hook to avoid dup calls 2024-01-25 15:27:30 -08:00
vmw_vsock Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
wireless Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
x25 net/x25: Fix to not accept on connected socket 2023-02-09 11:28:13 +01:00
xdp xsk: Skip polling event check for unbound socket 2023-12-13 18:39:08 +01:00
xfrm Revert "xfrm: fix a data-race in xfrm_gen_index()" 2023-11-06 14:50:01 +00:00
compat.c use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
devres.c
Kconfig
Kconfig.debug
Makefile devlink: move code to a dedicated directory 2023-08-30 16:11:00 +02:00
socket.c Reapply "Merge tag 'android14-6.1.75_r00' into android14-6.1" 2024-04-02 19:49:12 +00:00
sysctl_net.c
TEST_MAPPING