[Patch net] smc: disallow TCP_ULP in smc_setsockopt()

Sat, 10 Apr 2021 11:17:44 -0700 

From: Cong Wang <[email protected]>

syzbot is able to setup kTLS on an SMC socket, which coincidentally
uses sk_user_data too, later, kTLS treats it as psock so triggers a
refcnt warning. The cause is that smc_setsockopt() simply calls
TCP setsockopt(). I do not think it makes sense to setup kTLS on
top of SMC, so we can just disallow this.

Reported-and-tested-by: [email protected]
Cc: John Fastabend <[email protected]>
Cc: Karsten Graul <[email protected]>
Signed-off-by: Cong Wang <[email protected]>
---
 net/smc/af_smc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/smc/af_smc.c b/net/smc/af_smc.c
index 47340b3b514f..0d4d6d28f20c 100644
--- a/net/smc/af_smc.c
+++ b/net/smc/af_smc.c
@@ -2162,6 +2162,9 @@ static int smc_setsockopt(struct socket *sock, int level, 
int optname,
        struct smc_sock *smc;
        int val, rc;
 
+       if (optname == TCP_ULP)
+               return -EOPNOTSUPP;
+
        smc = smc_sk(sk);
 
        /* generic setsockopts reaching us here always apply to the
@@ -2186,7 +2189,6 @@ static int smc_setsockopt(struct socket *sock, int level, 
int optname,
        if (rc || smc->use_fallback)
                goto out;
        switch (optname) {
-       case TCP_ULP:
        case TCP_FASTOPEN:
        case TCP_FASTOPEN_CONNECT:
        case TCP_FASTOPEN_KEY:
-- 
2.25.1

Reply via email to