Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 6b2f36b94a0d57f5378742d482f4e46ae0acd78a^! / . / net / ipv4 / tcp_ipv4.c
commit6b2f36b94a0d57f5378742d482f4e46ae0acd78a[log] [tgz]
authorEric Dumazet <edumazet@google.com>Tue Oct 02 12:35:05 2018 -0700
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Thu Oct 18 09:13:23 2018 +0200
treed6b3862a9418758cd1e9c0ef8413cd7e11453d68
parent4cded0a3a9c69d3c08b2ab15a7dd8206775142e4 [diff] [blame]
inet: make sure to grab rcu_read_lock before using ireq->ireq_opt

[ Upstream commit 2ab2ddd301a22ca3c5f0b743593e4ad2953dfa53 ]

Timer handlers do not imply rcu_read_lock(), so my recent fix
triggered a LOCKDEP warning when SYNACK is retransmit.

Lets add rcu_read_lock()/rcu_read_unlock() pairs around ireq->ireq_opt
usages instead of guessing what is done by callers, since it is
not worth the pain.

Get rid of ireq_opt_deref() helper since it hides the logic
without real benefit, since it is now a standard rcu_dereference().

Fixes: 1ad98e9d1bdf ("tcp/dccp: fix lockdep issue when SYN is backlogged")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 16dea67..1ea0c91 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c

@@ -859,9 +859,11 @@
 	if (skb) {
 		__tcp_v4_send_check(skb, ireq->ir_loc_addr, ireq->ir_rmt_addr);
 
+		rcu_read_lock();
 		err = ip_build_and_send_pkt(skb, sk, ireq->ir_loc_addr,
 					    ireq->ir_rmt_addr,
-					    ireq_opt_deref(ireq));
+					    rcu_dereference(ireq->ireq_opt));
+		rcu_read_unlock();
 		err = net_xmit_eval(err);
 	}