tcp: Fix data-races around sysctl_tcp_syncookies.

[ Upstream commit f2e383b5bb6bbc60a0b94b87b3e49a2b1aefd11e ] While reading sysctl_tcp_syncookies, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Kuniyuki Iwashima <kuniyu@amazon.com> 2022-07-15 20:17:47 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2022-07-29 18:19:16 +0300
commit: dc1a78a2b274bad6b1be1561759ab670640af2d7 (patch)
tree: fd2468130e9cded83c2b5c22f242cca85e2e0c88 /net/ipv6
parent: fc489055e7e8abe409224ff18863999cede92fbf (diff)
download: linux-dc1a78a2b274bad6b1be1561759ab670640af2d7.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c
index ca92dd6981de..12ae817aaf2e 100644
--- a/net/ipv6/syncookies.c
+++ b/net/ipv6/syncookies.c
@@ -141,7 +141,8 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
 	__u8 rcv_wscale;
 	u32 tsoff = 0;
 
-	if (!sock_net(sk)->ipv4.sysctl_tcp_syncookies || !th->ack || th->rst)
+	if (!READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_syncookies) ||
+	    !th->ack || th->rst)
 		goto out;
 
 	if (tcp_synq_no_recent_overflow(sk))
author	Kuniyuki Iwashima <kuniyu@amazon.com>	2022-07-15 20:17:47 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2022-07-29 18:19:16 +0300
commit	dc1a78a2b274bad6b1be1561759ab670640af2d7 (patch)
tree	fd2468130e9cded83c2b5c22f242cca85e2e0c88 /net/ipv6
parent	fc489055e7e8abe409224ff18863999cede92fbf (diff)
download	linux-dc1a78a2b274bad6b1be1561759ab670640af2d7.tar.xz