From: Ursula Braun <ubraun@xxxxxxxxxxxxx>
Date: Wed, 2 May 2018 16:53:56 +0200

> The smc_poll code tries to finish connect() if the socket is in
> state SMC_INIT and polling of the internal CLC-socket returns with
> EPOLLOUT. This makes sense for a select/poll call following a connect
> call, but not without preceding connect().
> With this patch smc_poll starts connect logic only, if the CLC-socket
> is no longer in its initial state TCP_CLOSE.
>
> In addition, a poll error on the internal CLC-socket is always
> propagated to the SMC socket.
>
> With this patch the code path mentioned by syzbot
> https://syzkaller.appspot.com/bug?extid=03faa2dc16b8b64be396
> is no longer possible.
>
> Signed-off-by: Ursula Braun <ubraun@xxxxxxxxxxxxx>
> Reported-by: syzbot+03faa2dc16b8b64be396@xxxxxxxxxxxxxxxxxxxxxxxxx

Applied and queued up for -stable, thanks.