Re: [PATCH net] sctp: Hold sock lock while iterating over address list
From: Eric Dumazet
Date: Mon Oct 27 2025 - 05:24:48 EST
We need a changelog.
On Mon, Oct 27, 2025 at 1:50 AM Stefan Wiehler <stefan.wiehler@xxxxxxxxx> wrote:
>
> Fixes: 8f840e47f190 ("sctp: add the sctp_diag.c file")
> Signed-off-by: Stefan Wiehler <stefan.wiehler@xxxxxxxxx>
> ---
> net/sctp/diag.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/net/sctp/diag.c b/net/sctp/diag.c
> index 996c2018f0e6..7f7e2773e047 100644
> --- a/net/sctp/diag.c
> +++ b/net/sctp/diag.c
> @@ -223,14 +223,15 @@ struct sctp_comm_param {
> bool net_admin;
> };
>
> -static size_t inet_assoc_attr_size(struct sctp_association *asoc)
> +static size_t inet_assoc_attr_size(struct sock *sk,
> + struct sctp_association *asoc)
> {
> int addrlen = sizeof(struct sockaddr_storage);
> int addrcnt = 0;
> struct sctp_sockaddr_entry *laddr;
>
> list_for_each_entry_rcu(laddr, &asoc->base.bind_addr.address_list,
> - list)
> + list, lockdep_sock_is_held(sk))
> addrcnt++;
>
> return nla_total_size(sizeof(struct sctp_info))
> @@ -256,11 +257,12 @@ static int sctp_sock_dump_one(struct sctp_endpoint *ep, struct sctp_transport *t
> if (err)
> return err;
>
> - rep = nlmsg_new(inet_assoc_attr_size(assoc), GFP_KERNEL);
> + lock_sock(sk);
> +
> + rep = nlmsg_new(inet_assoc_attr_size(sk, assoc), GFP_KERNEL);
> if (!rep)
> return -ENOMEM;
If -ENOMEM is returned, the lock needs to be released ?
Please do not rush patches like this.