ip: Fix data-races around sysctl_ip_prot_sock.
authorKuniyuki Iwashima <kuniyu@amazon.com>
Mon, 18 Jul 2022 17:26:42 +0000 (10:26 -0700)
committerDavid S. Miller <davem@davemloft.net>
Wed, 20 Jul 2022 09:14:49 +0000 (10:14 +0100)
sysctl_ip_prot_sock is accessed concurrently, and there is always a chance
of data-race.  So, all readers and writers need some basic protection to
avoid load/store-tearing.

Fixes: 4548b683b781 ("Introduce a sysctl that modifies the value of PROT_SOCK.")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/ip.h
net/ipv4/sysctl_net_ipv4.c

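--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -357,7 +357,7 @@ static inline bool sysctl_dev_name_is_allowed(const char *name)
 
 static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port)
 {
-       return port < net->ipv4.sysctl_ip_prot_sock;
+       return port < READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
 }
 
 #else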
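Review bot: The READ_ONCE in inet_port_requires_bind_service deserves a one-line comment, because a reader of ip.h cannot see from this header why a plain load of sysctl_ip_prot_sock is not enough. The field appears to be stored without a lock by ipv4_privileged_ports in net/ipv4/sysctl_net_ipv4.c (the matching WRITE_ONCE is in this same commit), and that pairing is the whole justification for the annotation. Something like `/* Stored lock-free by the ipv4_privileged_ports sysctl handler; READ_ONCE pairs with its WRITE_ONCE. */` above the return would keep the next maintainer from "simplifying" it back to a plain read. The function is fully contained in the hunk.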
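--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -84,7 +84,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write,
                 * port limit.
                 */
                if ((range[1] < range[0]) ||
-                   (range[0] < net->ipv4.sysctl_ip_prot_sock))
+                   (range[0] < READ_ONCE(net->ipv4.sysctl_ip_prot_sock)))
                        ret = -EINVAL;
                else
                        set_local_port_range(net, range);
@@ -110,7 +110,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
                .extra2 = &ip_privileged_port_max,
        };
 
-       pports = net->ipv4.sysctl_ip_prot_sock;
+       pports = READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
 
        ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
 
@@ -122,7 +122,7 @@ static int ipv4_privileged_ports(struct ctl_table *table, int write,
                if (range[0] < pports)
                        ret = -EINVAL;
                else
-                       WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
+                       WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
        }
 
        return ret;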
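Review bot: The READ_ONCE/WRITE_ONCE pair makes each individual access tear-free, but the check-then-store at the end of the last hunk is still not serialized against ipv4_local_port_range: the first hunk validates `range[0] < READ_ONCE(sysctl_ip_prot_sock)` and then calls set_local_port_range, while the last hunk validates `range[0] < pports` and then stores pports, so two concurrent sysctl writers can each pass their own check and leave the local port range starting below the privileged-port boundary that both checks exist to enforce. Unless a lock not visible here already serializes the two handlers, both check-and-update sequences (including the load of range[] in ipv4_privileged_ports, which is outside the hunk) should run under one common lock so the cross-check is actually atomic. Impact is limited to writers who already hold the privilege to change these sysctls, so this is a correctness gap rather than a privilege boundary, but it is the same class of race the commit message sets out to close. The enclosing `if (write && ...)` block and the start of both functions are outside the hunks.
```c
/* Serializes the two handlers whose validity checks read each other's value. */
static DEFINE_MUTEX(ip_port_range_lock);

/* … unchanged: ipv4_local_port_range, with its range check and
 * set_local_port_range() call wrapped in the same lock/unlock pair … */

		mutex_lock(&ip_port_range_lock);
		/* … unchanged: load of range[] from the current local port range … */
		if (range[0] < pports)
			ret = -EINVAL;
		else
			WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
		mutex_unlock(&ip_port_range_lock);
```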