[PATCH 4.17 315/324] net/smc: no shutdown in state SMC_LISTEN

From: Greg Kroah-Hartman
Date: Thu Aug 23 2018 - 05:10:08 EST


4.17-stable review patch. If anyone has any objections, please let me know.

------------------

From: Ursula Braun <ubraun@xxxxxxxxxxxxx>

commit caa21e19e08d7a1445116a93f7ab4e187ebbbadb upstream.

Invoking shutdown for a socket in state SMC_LISTEN does not make
sense. Nevertheless programs like syzbot fuzzing the kernel may
try to do this. For SMC this means a socket refcounting problem.
This patch makes sure a shutdown call for an SMC socket in state
SMC_LISTEN simply returns with -ENOTCONN.

Signed-off-by: Ursula Braun <ubraun@xxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
net/smc/af_smc.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

--- a/net/smc/af_smc.c
+++ b/net/smc/af_smc.c
@@ -1231,8 +1231,7 @@ static int smc_shutdown(struct socket *s
lock_sock(sk);

rc = -ENOTCONN;
- if ((sk->sk_state != SMC_LISTEN) &&
- (sk->sk_state != SMC_ACTIVE) &&
+ if ((sk->sk_state != SMC_ACTIVE) &&
(sk->sk_state != SMC_PEERCLOSEWAIT1) &&
(sk->sk_state != SMC_PEERCLOSEWAIT2) &&
(sk->sk_state != SMC_APPCLOSEWAIT1) &&