summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Ahern <dsahern@gmail.com>2019-01-05 07:35:04 -0800
committerDavid S. Miller <davem@davemloft.net>2019-01-05 14:17:07 -0800
commitd4a7e9bb74b5aaf07b89f6531c080b1130bdf019 (patch)
tree82ae9e9a5c557f6d765aea8eaedb778cc45c1bfd
parentec90ad334986fa5856d11dd272f7f22fa86c55c4 (diff)
downloadlwn-d4a7e9bb74b5aaf07b89f6531c080b1130bdf019.tar.gz
lwn-d4a7e9bb74b5aaf07b89f6531c080b1130bdf019.zip
ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
I realized the last patch calls dev_get_by_index_rcu in a branch not holding the rcu lock. Add the calls to rcu_read_lock and rcu_read_unlock. Fixes: ec90ad334986 ("ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address") Signed-off-by: David Ahern <dsahern@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv6/af_inet6.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
index 93288b9f1697..d99753b5e39b 100644
--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -321,17 +321,20 @@ static int __inet6_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len,
goto out;
}
+ rcu_read_lock();
if (sk->sk_bound_dev_if) {
dev = dev_get_by_index_rcu(net, sk->sk_bound_dev_if);
if (!dev) {
err = -ENODEV;
- goto out;
+ goto out_unlock;
}
}
/* Reproduce AF_INET checks to make the bindings consistent */
v4addr = addr->sin6_addr.s6_addr32[3];
chk_addr_ret = inet_addr_type_dev_table(net, dev, v4addr);
+ rcu_read_unlock();
+
if (!inet_can_nonlocal_bind(net, inet) &&
v4addr != htonl(INADDR_ANY) &&
chk_addr_ret != RTN_LOCAL &&