On 1/14/21 4:37 PM, Paolo Abeni wrote:
> tcp_disconnect() expects the caller acquires the sock lock,
> but mptcp_disconnect() is not doing that. Add the missing
> required lock.
>
> Reported-by: Eric Dumazet <eric.duma...@gmail.com>
> Fixes: 76e2a55d1625 ("mptcp: better msk-level shutdown.")
> Signed-off-by: Paolo Abeni <pab...@redhat.com>
> ---
> net/mptcp/protocol.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
> index 81faeff8f3bb..f998a077c7dd 100644
> --- a/net/mptcp/protocol.c
> +++ b/net/mptcp/protocol.c
> @@ -2646,8 +2646,13 @@ static int mptcp_disconnect(struct sock *sk, int flags)
> struct mptcp_sock *msk = mptcp_sk(sk);
>
> __mptcp_flush_join_list(msk);
> - mptcp_for_each_subflow(msk, subflow)
> - tcp_disconnect(mptcp_subflow_tcp_sock(subflow), flags);
> + mptcp_for_each_subflow(msk, subflow) {
> + struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
> +
> + lock_sock(ssk);
> + tcp_disconnect(ssk, flags);
> + release_sock(ssk);
> + }
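
Review bot: the return value of tcp_disconnect(ssk, flags) is still discarded inside the new loop body, so a subflow that fails to disconnect is silently ignored by mptcp_disconnect(). If ignoring it is intentional, say so in a short comment next to the call; otherwise capture the value and decide whether to propagate it. A one-line comment above lock_sock(ssk) noting that tcp_disconnect() requires the caller to hold the socket lock would also keep the pairing from being dropped in a later cleanup.
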
Reviewed-by: Eric Dumazet <eduma...@google.com>
Note that for loops like this one, calling non-blocking functions,
you could use lock_sock_fast().
(Probably does not matter in slow path)