github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
ef690e3f62
linux/include
History
Cong Wang 1fc205d9e4 net: fix dev_ifsioc_locked() race condition 
commit 3b23a32a63 upstream.

dev_ifsioc_locked() is called with only RCU read lock, so when
there is a parallel writer changing the mac address, it could
get a partially updated mac address, as shown below:

Thread 1			Thread 2
// eth_commit_mac_addr_change()
memcpy(dev->dev_addr, addr->sa_data, ETH_ALEN);
				// dev_ifsioc_locked()
				memcpy(ifr->ifr_hwaddr.sa_data,
					dev->dev_addr,...);

Close this race condition by guarding them with a RW semaphore,
like netdev_get_name(). We can not use seqlock here as it does not
allow blocking. The writers already take RTNL anyway, so this does
not affect the slow path. To avoid bothering existing
dev_set_mac_address() callers in drivers, introduce a new wrapper
just for user-facing callers on ioctl and rtnetlink paths.

Note, bonding also changes slave mac addresses but that requires
a separate patch due to the complexity of bonding code.

Fixes: 3710becf8a ("net: RCU locking for simple ioctl()")
Reported-by: "Gong, Sishuai" <sishuai@purdue.edu>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Cong Wang <cong.wang@bytedance.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-03-07 12:34:07 +01:00
..
acpi ACPICA: Fix exception code class checks 2021-03-04 11:37:24 +01:00
asm-generic vmlinux.lds.h: Define SANTIZER_DISCARDS with CONFIG_GCOV_KERNEL=y 2021-03-04 11:37:19 +01:00
clocksource
crypto
drm drm/dp/mst: Export drm_dp_get_vc_payload_bw() 2021-02-10 09:29:18 +01:00
dt-bindings ASoC: dt-bindings: lpass: Fix and common up lpass dai ids 2021-02-03 23:28:46 +01:00
keys
kunit kunit: fix display of failed expectations for strings 2020-11-10 13:45:15 -07:00
kvm ARM: 2020-10-23 11:17:56 -07:00
linux net: fix dev_ifsioc_locked() race condition 2021-03-07 12:34:07 +01:00
math-emu
media media: v4l2-fwnode: v4l2_fwnode_endpoint_parse caller must init vep argument 2020-12-30 11:53:11 +01:00
memory
misc
net net_sched: fix RTNL deadlock again caused by request_module() 2021-03-04 11:38:47 +01:00
pcmcia
ras
rdma RDMA: Lift ibdev_to_node from rds to common code 2021-02-26 10:12:59 +01:00
scsi scsi: libiscsi: Fix NOP race condition 2020-11-16 22:32:50 -05:00
soc net: dsa: felix: implement port flushing on .phylink_mac_link_down 2021-02-17 11:02:27 +01:00
sound ASoC: Fixes for v5.11 2020-11-19 19:56:29 +01:00
target
trace trace: fix potenial dangerous pointer 2020-11-25 13:03:44 +01:00
uapi net/sched: cls_flower: Reject invalid ct_state flags rules 2021-03-07 12:34:07 +01:00
vdso
video gpu: ipu-v3: remove unused functions 2020-10-26 10:42:38 +01:00
xen Xen/gntdev: correct error checking in gntdev_map_grant_pages() 2021-02-23 15:53:24 +01:00