Date: Wed, 1 Feb 2023 22:44:57 GMT From: Michael Tuexen <tuexen@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: a162e6496a7c - stable/13 - sctp: hold the inp lock while calling ip6_output Message-ID: <202302012244.311Mivcc002265@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=a162e6496a7ccd3a1a1b5caf276de915dc3a0e74 commit a162e6496a7ccd3a1a1b5caf276de915dc3a0e74 Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2022-04-19 11:03:08 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2023-02-01 22:44:25 +0000 sctp: hold the inp lock while calling ip6_output This fixes an issue with handling IPPROTO_IPV6 level socket options. Reported by: syzbot+66ede232c3d1271c6226@syzkaller.appspotmail.com MFC after: 3 days (cherry picked from commit a12d89332efe0b02307c580a6f3025652374cd47) --- sys/netinet/sctp_os_bsd.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/netinet/sctp_os_bsd.h b/sys/netinet/sctp_os_bsd.h index e8d08588fbfb..faca8a3b6276 100644 --- a/sys/netinet/sctp_os_bsd.h +++ b/sys/netinet/sctp_os_bsd.h @@ -428,9 +428,11 @@ typedef struct route sctp_route_t; \ m_clrprotoflags(o_pak); \ if (local_inp != NULL) { \ + INP_RLOCK(&local_inp->ip_inp.inp); \ result = ip6_output(o_pak, \ local_inp->ip_inp.inp.in6p_outputopts, \ (ro), 0, 0, ifp, NULL); \ + INP_RUNLOCK(&local_inp->ip_inp.inp); \ } else { \ result = ip6_output(o_pak, NULL, (ro), 0, 0, ifp, NULL); \ } \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202302012244.311Mivcc002265>