linux/net
David S. Miller 278a3de5ab [AF_UNIX]: Fix datagram connect race causing an OOPS.
Based upon an excellent bug report and initial patch by
Frederik Deweerdt.

The UNIX datagram connect code blindly dereferences other->sk_socket
via the call down to the security_unix_may_send() function.

Without locking 'other' that pointer can go NULL via unix_release_sock()
which does sock_orphan() which also marks the socket SOCK_DEAD.

So we have to lock both 'sk' and 'other' yet avoid all kinds of
potential deadlocks (connect to self is OK for datagram sockets and it
is possible for two datagram sockets to perform a simultaneous connect
to each other).  So what we do is have a "double lock" function similar
to how we handle this situation in other areas of the kernel.  We take
the lock of the socket pointer with the smallest address first in
order to avoid ABBA style deadlocks.

Once we have them both locked, we check to see if SOCK_DEAD is set
for 'other' and if so, drop everything and retry the lookup.

Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-03 18:08:42 -07:00
..
802 [NET]: cleanup extra semicolons 2007-04-25 22:29:24 -07:00
8021q VLAN: kill_vid is only useful for VLAN filtering devices 2007-06-03 11:44:19 -04:00
appletalk header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
atm [NET]: SPIN_LOCK_UNLOCKED cleanup in drivers/atm, net 2007-04-26 01:37:44 -07:00
ax25 [S390] Kconfig: unwanted menus for s390. 2007-05-10 15:46:07 +02:00
bluetooth [Bluetooth] Fix L2CAP configuration parameter handling 2007-05-24 14:27:19 +02:00
bridge [BRIDGE]: Round off STP perodic timers. 2007-05-31 01:23:39 -07:00
core [NET]: parse ip:port strings correctly in in4_pton 2007-05-31 01:23:27 -07:00
dccp [XFRM]: Allow packet drops during larval state resolution. 2007-05-24 18:17:54 -07:00
decnet Fix occurrences of "the the " 2007-05-09 08:57:56 +02:00
econet [SK_BUFF]: Convert skb->tail to sk_buff_data_t 2007-04-25 22:26:28 -07:00
ethernet [SK_BUFF]: Introduce skb_reset_mac_header(skb) 2007-04-25 22:24:32 -07:00
ieee80211 [PATCH] softmac: alloc_ieee80211() NULL check 2007-05-29 11:16:35 -04:00
ipv4 [TCP] tcp_probe: use GCC printf attribute 2007-05-31 01:23:37 -07:00
ipv6 [IPV6]: Fix build warning. 2007-05-31 01:23:31 -07:00
ipx Fix incorrect prototype for ipxrtr_route_packet() 2007-05-17 05:25:49 -07:00
irda [S390] Kconfig: unwanted menus for s390. 2007-05-10 15:46:07 +02:00
iucv Add suspend-related notifications for CPU hotplug 2007-05-09 12:30:56 -07:00
key [IPSEC] pfkey: Load specific algorithm in pfkey_add rather than all 2007-05-19 14:21:18 -07:00
lapb [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
llc Fix occurrences of "the the " 2007-05-09 08:57:56 +02:00
mac80211 [PATCH] mac80211: avoid null ptr deref in ieee80211_ibss_add_sta 2007-05-29 10:34:05 -04:00
netfilter [NETFILTER]: nf_conntrack_h323: add missing T.120 address in OLCA 2007-05-24 16:44:11 -07:00
netlabel SELinux: extract the NetLabel SELinux support from the security server 2007-04-26 01:35:48 -04:00
netlink header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
netrom [NET]: Rework dev_base via list_head (v3) 2007-05-03 15:13:45 -07:00
packet [AF_PACKET]: Kill CONFIG_PACKET_SOCKET. 2007-05-31 01:23:32 -07:00
rfkill [RFKILL]: Fix check for correct rfkill allocation 2007-05-19 12:24:39 -07:00
rose [NET]: Rework dev_base via list_head (v3) 2007-05-03 15:13:45 -07:00
rxrpc [AF_RXRPC]: Make call state names available if CONFIG_PROC_FS=n 2007-05-22 16:14:24 -07:00
sched [NET_SCHED]: sch_htb: fix event cache time calculation 2007-05-24 16:36:56 -07:00
sctp [SCTP]: Use menuconfig objects. 2007-05-24 16:36:48 -07:00
sunrpc Merge branch 'master' of /home/trondmy/repositories/git/linux-2.6/ 2007-05-17 11:36:59 -04:00
tipc [TIPC]: Fixed erroneous introduction of for_each_netdev 2007-05-24 16:36:54 -07:00
unix [AF_UNIX]: Fix datagram connect race causing an OOPS. 2007-06-03 18:08:42 -07:00
wanrouter [SK_BUFF]: Introduce skb_copy_to_linear_data{_offset} 2007-04-25 22:28:29 -07:00
wireless [WIRELESS] cfg80211: Clarify locking comment. 2007-04-26 20:51:12 -07:00
x25 header cleaning: don't include smp_lock.h when not used 2007-05-08 11:15:07 -07:00
xfrm [XFRM]: xfrm_larval_drop sysctl should be __read_mostly. 2007-05-31 01:23:24 -07:00
compat.c [NET]: Adding SO_TIMESTAMPNS / SCM_TIMESTAMPNS support 2007-04-25 22:24:21 -07:00
Kconfig [S390] Kconfig: no wireless on s390. 2007-05-10 15:46:08 +02:00
Makefile [NET]: rfkill: add support for input key to control wireless radio 2007-05-07 00:34:20 -07:00
nonet.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
socket.c Remove SLAB_CTOR_CONSTRUCTOR 2007-05-17 05:23:04 -07:00
sysctl_net.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
TUNABLE