Re: [syzbot] [net?] possible deadlock in gtp_encap_enable_socket

From: Hillf Danton
Date: Sat Oct 05 2024 - 05:31:10 EST


On Mon, 23 Sep 2024 08:46:24 -0700
> syzbot found the following issue on:
>
> HEAD commit: 9410645520e9 Merge tag 'net-next-6.12' of git://git.kernel..
> git tree: net-next
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=110c6c27980000

#syz test

--- x/net/smc/af_smc.c
+++ y/net/smc/af_smc.c
@@ -3053,9 +3053,7 @@ int smc_setsockopt(struct socket *sock,
/* generic setsockopts reaching us here always apply to the
* CLC socket
*/
- mutex_lock(&smc->clcsock_release_lock);
if (!smc->clcsock) {
- mutex_unlock(&smc->clcsock_release_lock);
return -EBADF;
}
if (unlikely(!smc->clcsock->ops->setsockopt))
@@ -3067,7 +3065,6 @@ int smc_setsockopt(struct socket *sock,
sk->sk_err = smc->clcsock->sk->sk_err;
sk_error_report(sk);
}
- mutex_unlock(&smc->clcsock_release_lock);

if (optlen < sizeof(int))
return -EINVAL;
@@ -3133,19 +3130,15 @@ int smc_getsockopt(struct socket *sock,
return __smc_getsockopt(sock, level, optname, optval, optlen);

smc = smc_sk(sock->sk);
- mutex_lock(&smc->clcsock_release_lock);
if (!smc->clcsock) {
- mutex_unlock(&smc->clcsock_release_lock);
return -EBADF;
}
/* socket options apply to the CLC socket */
if (unlikely(!smc->clcsock->ops->getsockopt)) {
- mutex_unlock(&smc->clcsock_release_lock);
return -EOPNOTSUPP;
}
rc = smc->clcsock->ops->getsockopt(smc->clcsock, level, optname,
optval, optlen);
- mutex_unlock(&smc->clcsock_release_lock);
return rc;
}

--