Eric reported a syzbot splat from a null ptr deref from recent fix to resolve a use-after-free with af-unix stream sockets and BPF sockmap usage. The issue is I missed is we allow unconnected af_unix STREAM sockets to be added to the sockmap. Fix this by blocking unconnected sockets. John Fastabend (2): bpf: syzkaller found null ptr deref in unix_bpf proto add bpf: sockmap, test for unconnected af_unix sock include/net/sock.h | 5 +++ net/core/sock_map.c | 2 ++ .../selftests/bpf/prog_tests/sockmap_basic.c | 34 +++++++++++++++++++ 3 files changed, 41 insertions(+) -- 2.33.0
