asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/net/sctp
History
Xin Long f91e7bd934 sctp: move the active_key update after sh_keys is added 
[ Upstream commit ae954bbc451d267f7d60d7b49db811d5a68ebd7b ]

In commit 58acd1009226 ("sctp: update active_key for asoc when old key is
being replaced"), sctp_auth_asoc_init_active_key() is called to update
the active_key right after the old key is deleted and before the new key
is added, and it caused that the active_key could be found with the key_id.

In Ying Xu's testing, the BUG_ON in sctp_auth_asoc_init_active_key() was
triggered:

  [ ] kernel BUG at net/sctp/auth.c:416!
  [ ] RIP: 0010:sctp_auth_asoc_init_active_key.part.8+0xe7/0xf0 [sctp]
  [ ] Call Trace:
  [ ]  sctp_auth_set_key+0x16d/0x1b0 [sctp]
  [ ]  sctp_setsockopt.part.33+0x1ba9/0x2bd0 [sctp]
  [ ]  __sys_setsockopt+0xd6/0x1d0
  [ ]  __x64_sys_setsockopt+0x20/0x30
  [ ]  do_syscall_64+0x5b/0x1a0

So fix it by moving the active_key update after sh_keys is added.

Fixes: 58acd1009226 ("sctp: update active_key for asoc when old key is being replaced")
Reported-by: Ying Xu <yinxu@redhat.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-08-12 13:19:39 +02:00
..
associola.c sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket 2020-06-30 23:17:05 -04:00
auth.c sctp: move the active_key update after sh_keys is added 2021-08-12 13:19:39 +02:00
bind_addr.c sctp: validate from_addr_param return 2021-07-20 16:16:03 +02:00
chunk.c sctp: frag_point sanity check 2019-12-13 08:52:29 +01:00
debug.c
diag.c inet_diag: return classid for all socket types 2020-03-18 07:14:11 +01:00
endpointola.c sctp: cache netns in sctp_ep_common 2019-12-05 09:21:32 +01:00
input.c sctp: fix return value check in __sctp_rcv_asconf_lookup 2021-08-04 12:23:46 +02:00
inqueue.c
ipv6.c sctp: validate from_addr_param return 2021-07-20 16:16:03 +02:00
Kconfig
Makefile
objcnt.c
offload.c
output.c sctp: increase sk_wmem_alloc when head->truesize is increased 2019-12-13 08:52:00 +01:00
outqueue.c sctp: move trace_sctp_probe_path into sctp_outq_sack 2020-10-01 13:14:30 +02:00
primitive.c
proc.c net: fix iteration for sctp transport seq_files 2021-02-23 15:00:58 +01:00
protocol.c sctp: move 198 addresses from unusable to private scope 2021-07-31 08:22:38 +02:00
sm_make_chunk.c sctp: validate from_addr_param return 2021-07-20 16:16:03 +02:00
sm_sideeffect.c sctp: change to hold/put transport for proto_unreach_timer 2020-11-24 13:27:18 +01:00
sm_statefuns.c sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b 2021-05-22 10:59:43 +02:00
sm_statetable.c
socket.c sctp: delay auto_asconf init until binding the first addr 2021-05-22 10:59:39 +02:00
stream.c sctp: shrink stream outq when fails to do addstream reconf 2020-07-31 18:37:48 +02:00
stream_interleave.c
stream_sched.c
stream_sched_prio.c
stream_sched_rr.c
sysctl.c
transport.c sctp: change to hold/put transport for proto_unreach_timer 2020-11-24 13:27:18 +01:00
tsnmap.c
ulpevent.c
ulpqueue.c