This is a note to let you know that I've just added the patch titled
tcp: fix access to sk->sk_state in tcp_poll()
to the 4.11-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
tcp-fix-access-to-sk-sk_state-in-tcp_poll.patch
and it can be found in the queue-4.11 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Thu May 11 11:03:14 CEST 2017
From: Davide Caratti <dcaratti@xxxxxxxxxx>
Date: Wed, 26 Apr 2017 19:07:35 +0200
Subject: tcp: fix access to sk->sk_state in tcp_poll()
From: Davide Caratti <dcaratti@xxxxxxxxxx>
[ Upstream commit d68be71ea14d609a5f31534003319be5db422595 ]
avoid direct access to sk->sk_state when tcp_poll() is called on a socket
using active TCP fastopen with deferred connect. Use local variable
'state', which stores the result of sk_state_load(), like it was done in
commit 00fd38d938db ("tcp: ensure proper barriers in lockless contexts").
Fixes: 19f6d3f3c842 ("net/tcp-fastopen: Add new API support")
Signed-off-by: Davide Caratti <dcaratti@xxxxxxxxxx>
Acked-by: Wei Wang <weiwan@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/ipv4/tcp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -533,7 +533,7 @@ unsigned int tcp_poll(struct file *file,
if (tp->urg_data & TCP_URG_VALID)
mask |= POLLPRI;
- } else if (sk->sk_state == TCP_SYN_SENT && inet_sk(sk)->defer_connect) {
+ } else if (state == TCP_SYN_SENT && inet_sk(sk)->defer_connect) {
/* Active TCP fastopen socket with defer_connect
* Return POLLOUT so application can call write()
* in order for kernel to generate SYN+data
Patches currently in stable-queue which might be from dcaratti@xxxxxxxxxx are
queue-4.11/tcp-fix-access-to-sk-sk_state-in-tcp_poll.patch