From nobody Sun Feb 8 10:43:31 2026 Received: from GVXPR05CU001.outbound.protection.outlook.com (mail-swedencentralazon11013045.outbound.protection.outlook.com [52.101.83.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 22A8B347BD7; Tue, 28 Oct 2025 16:15:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.83.45 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761668158; cv=fail; b=P1Ngmbgk9E/4z/ptOI+czLinprmLw9nTIF1X9tB9SKNwNba0d270AhT5gu/1g94hp89zcty+lp2O+wvRIDflHJdL26zkeVlxlvGrUoWysGC3/zlx6QmWDlXhvIm3xYsG7tcSHS9nsjnRoEIb8GO/2GKopvqPJoRaKYAo2hsVGSw= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761668158; c=relaxed/simple; bh=RSiqszUnf7XD8yTbpJnjWYQeITlWYOrpQm0TcOejkEs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=Bywy2ha/wXjoZ3O7l3fEBBSaiumZBYz5Fkab4waZ09gi6vegRSJms9Vh7YM8tH7qliSWd3OIuY3Ppfw78Ak8ffjh2M027Ho06T2fD/0//wr/+uhnZPQanxE4dLg20tRA7LSofwf+HP06GWhzabZAVSu5a6+YJN3rWYLSZkz41Vs= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nokia.com; spf=fail smtp.mailfrom=nokia.com; dkim=pass (2048-bit key) header.d=nokia.com header.i=@nokia.com header.b=YKjdCrbW; arc=fail smtp.client-ip=52.101.83.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nokia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nokia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nokia.com header.i=@nokia.com header.b="YKjdCrbW" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ZVMDTYTY3J7wG0+ftbYaqx4J3WpCCCsaBoAj1H9vYpfnw8XsZd984OphgP200w0CosoWpV7jQhmsCad/I5OdFMifFTvlH0Yda4VJ45B4l5+3OD/2NMt56JrK97uKYcOJwZZ/8lVsPbYIsMfbC3YxWRpjZISVQxPWuDverX/5p+S9WkT4DBtSj1uQ5PePo7j6iN1dyNiaxJqR60cEhVe7ijyzGCQmZdF5tkQYu8HkgKMXHI9iLY8BhE86eolh6aRCf0f5KGzixc6EOCCof8w6keSMPTdKfdNExpcSfp+LC4Gj5nc4LK2+C9tJRPadB4oZ4KOplqx9+e3ffenI4qOOAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gnF+kGP2JDy5n66pBvYcaWUHvXGrqUFH6ULX6K/ANkQ=; b=JpbhdlbTELtHxXUEBUHO6JOcMa7SI08l0gdYEIHzEcHZ1/R5iLH7Dk9pUrpizFaPWNkbkrzsInZW4WX4rmf2gd1qz6/w+WzicivAy/JEPItDDZ3wUJB6/jChs6M2WRUb6+MNQsG+VFilpuHFr/acipZVo4bHtkYaSAJKAF/SVlMaqOuqaCrU2Xe4b/OrgTj6caSB83JYWyRuhLRjbZvgkRKuVDLy5Lc2UMtTpWCkNBs1bw7H/u6LxMT4VhCaRAL6/RtOLwIu/QRw82VqtKVWMtAiHs1liAaVoeGqV+EUq/L3yCw6F/kMpNpTN7rdNFLMVWDWLcUIQqLtI0Tc9kKdgQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gnF+kGP2JDy5n66pBvYcaWUHvXGrqUFH6ULX6K/ANkQ=; b=YKjdCrbW+rXVeP4ThwPYW0K2aQ0gL5hqINVO+jY029eYoYGN82HHpHVVBzqWqqK+qWzfra8IcszfHYW679VXGSowdyE02DOrY7KRyVFq5hFv8a3zGXupNNf2/G4c47gtHyo9QI0H3LK5xp5HLgJTXi8tX7qa9m7oDuPDfuTFK2MF8jBuuK+9cwfQFcCOUoFcWq14WvUEkIFouu4fOVOuMngYcBk6UMAlAlr/0S8bEaaOq0e5mVRDPF+ed3xPVxfN7eu2oHrv/LiT1vaED9KcEMcWW//2CSWkhWHG82xCebdMVsHCEEiOWMaN66D1Algee8Asi4x+j3qjnphHkS8tuA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com; Received: from PAWPR07MB9688.eurprd07.prod.outlook.com (2603:10a6:102:383::17) by PR3PR07MB6700.eurprd07.prod.outlook.com (2603:10a6:102:6d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9253.19; Tue, 28 Oct 2025 16:15:53 +0000 Received: from PAWPR07MB9688.eurprd07.prod.outlook.com ([fe80::3a2d:5997:c1c7:3809]) by PAWPR07MB9688.eurprd07.prod.outlook.com ([fe80::3a2d:5997:c1c7:3809%6]) with mapi id 15.20.9253.017; Tue, 28 Oct 2025 16:15:53 +0000 From: Stefan Wiehler To: Xin Long , "David S . Miller " , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Kuniyuki Iwashima Cc: linux-sctp@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Stefan Wiehler Subject: [PATCH net v3 1/3] sctp: Hold RCU read lock while iterating over address list Date: Tue, 28 Oct 2025 17:12:26 +0100 Message-ID: <20251028161506.3294376-2-stefan.wiehler@nokia.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251028161506.3294376-1-stefan.wiehler@nokia.com> References: <20251028161506.3294376-1-stefan.wiehler@nokia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: FR5P281CA0041.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:f3::19) To PAWPR07MB9688.eurprd07.prod.outlook.com (2603:10a6:102:383::17) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PAWPR07MB9688:EE_|PR3PR07MB6700:EE_ X-MS-Office365-Filtering-Correlation-Id: 6747520d-8357-4cec-17b1-08de163d4470 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|1800799024|366016|10070799003; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?BUpUlIYMoQpnYO4ewCfZlc1xIsQwPOkt8gFS6D5d7uo2C9CH1k4u7Cy3VlO8?= =?us-ascii?Q?7o1ygPi33FgQfpMYQHgQc9gaY16qGTfV08CeNr9WbhG3VA08RmgxH5gUViQB?= =?us-ascii?Q?G8UHVhPzuf5nKG/zrhNULp2q5nI10B/EZABjYqZlIx7Tj/s8+M52uqkTnFGv?= =?us-ascii?Q?23t7ZI1jcYl3wAVkr17ukS2fClaYyuTeZN8IuH3ETO8igdTPfDF1spViqnrf?= =?us-ascii?Q?wTDY/LTGn31flWopc5vJWrfvafRIgJ8BVUrSAURIEnxVosLEjlY9C9onUCKe?= =?us-ascii?Q?u0/5WUuyUqPZjiCYvU0sL07DypKEdA9VSaSDrHPpJ7kzZIEQ4ZCv2FFoQNni?= =?us-ascii?Q?x8Cafff+Ptk2dfLvH9MX/SSPblHn1Qs5TH4jQ2tVL2CGsvlDsVU1UPYmWKtG?= =?us-ascii?Q?Tme9UFTZlHf8EL9/3zidYjkKosI+xu62zuvitkt1ZEAM1eh7OGpFy9D0Ms1V?= =?us-ascii?Q?zijYhCWC8x9OT3qq2DkPjOQ9GZjREofzyH0RbpzDXxEpzixR2hyQpRPgaJI4?= =?us-ascii?Q?OJtS9aCXSOCteAZ2eHJoMZAgSo0eq9BzXQlucLHJ51f9zzC5fYuqGa7R0PWL?= =?us-ascii?Q?Km3qp/Du6m6kMat6jyMFCsNC9KkaWah8cfhhNAIYlUlR6g8e76SGKtEZ2Zeh?= =?us-ascii?Q?hkrRf6EI4CVM8EeIXK9GhwrWMNwdi5MsM1HqmKGw25wWWMVz16ZO791XtMhB?= =?us-ascii?Q?wWmJ2xfX9wDsC/HRh9KXJmVvgrriyhLyZp5BGMPs8hEVEkAEmXn7aOP9yV8G?= =?us-ascii?Q?6iDW8ME+52PGWeDgWJ2aWW44lla9Ga1yDZCNyWs91uDXBRXym83U+zrTuuGA?= =?us-ascii?Q?BHTUOIc7tGemxy3COSZGXMqzhuIvYQBAbohZT0dffs+oQ+vRNld7iyFp11bq?= =?us-ascii?Q?s1RwrEpOBVqaJjC+ogQ+qlxfAImh64i4b+jhL73Wse91i30xVMw8Eu3hqLdm?= =?us-ascii?Q?T0FMFD08qohdXx9ZV2pFNIlvVUQ4T6Y3Zq2IBcOnumcbVRSli/Cx+qlGr9NY?= =?us-ascii?Q?909OHeV9xpGtVZwNyW5pPIR4VJR0QktSdZYklMdROlrrf0iA4conDNkDtAEs?= =?us-ascii?Q?ZBsTjXodaqTjZ27nHqjDv7mAI0i9WHEE/JfVJZStpwHrhNAjxig3Ml6aiVNv?= =?us-ascii?Q?ayr1LnfFwkNlsyCjbWEuuvzQ/fHhQQrscs49nTCbxjF7dZ6oe4usqlpYVTg+?= =?us-ascii?Q?1DWAQtpCj1nPH+/Uq2j12vWMlABqo16ED7XfU1aAxivBbOnSs6toPGVtppG/?= =?us-ascii?Q?R6Ceit5QVsr0uxja0LDeM+c7YHFfMbgPsJSdzN57N16uX5PTZiujmC2SIAyA?= =?us-ascii?Q?sd8GWmzS+lKLpwPubqJY5eA2x0GEi20zQX90xl5zL0DVGMIouq9gaGjY1F77?= =?us-ascii?Q?zuBCH3XS8Yl18Qybd+PG6c5Y5v/Tc8TOqiy7W3Io22CQK+hxoeaEkJm/ZvbT?= =?us-ascii?Q?NmXIaFvjWgSF6z7m6pTiX3nePjvp8eo7?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAWPR07MB9688.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(7416014)(1800799024)(366016)(10070799003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wQj3gnILy99vOF8biCXPz9fFoqRqfLbRaN/UzcVga+Dazj5T/boPjeUZBEMf?= =?us-ascii?Q?3vFT7/+ZMViT93WxM20G/yRwoShvWvvrz86vAwNPPMdmFAEbAgt3SMkRc5dz?= =?us-ascii?Q?9dOKuyZK+xCnbNM361XFPS2Lp5FkBf940y6qIKUOw41BooJxwDm7DXdThRxR?= =?us-ascii?Q?Qxp/vzyz1zK0wM2upBJtgity1YbsrD1LmH/NVMYCq8FOHxah5FSKOJIrAEC2?= =?us-ascii?Q?cE65YgjLvtWOffzHP4EFMFGdSaHKJOGpbciioOfJ2fmiRZIY/ssMpBAkyvi0?= =?us-ascii?Q?1+4gq/YaXsmaY3nge2Kg7enwO30P/MTBMiZ67mCycsztOUqxbFaCT5DT+GUL?= =?us-ascii?Q?kNaiRbBTvj1lIIJLE/GcGVKJukS5VF0iw7TneryKLEx1exWitCCLbrKd8V8P?= =?us-ascii?Q?QPQUkgwReIg59+eAEtJvP2P+AOX4J1A1fd14bSuHkkp3oZFh/R+KqJsAwaIc?= =?us-ascii?Q?xbWV1KEHkAJwVg4srzNWtPPGJK8juvYMeu5q9sKukSYH0C5xHIEBmil2NKYD?= =?us-ascii?Q?/jm6P84FgLpns5EIevfYcm/h7cs2j/IOWUPzyZD5EFtggsrVxPEDTDJBcaLP?= =?us-ascii?Q?QgbIFMgZ5QYDKJum/Ts2xPK5cMrQHkObkR54R+7pYpuPPvBJEx8GtzTGhFg8?= =?us-ascii?Q?42HHqKhmesmlS9RhiSt/LvZsvdIwqmVSi3Dedo7WLRxwEtfIudKJrPd7DHKm?= =?us-ascii?Q?fiGggkiI7Fsc7Gd+j/J2yxmoEgL9EszfkYOfGR5DYseRRAY6uq7YFBh49ssR?= =?us-ascii?Q?ghoZxNPk0TgXzUyRyVm2YTKLVu39ng/NTpxoXgsgoEu0fjwgb0JbopsbTa8F?= =?us-ascii?Q?52TsXGcIe23jIGXiVGFD5e8est0EL1aO4/mYm/OzAeb2zfuqMdfqIF91XDK5?= =?us-ascii?Q?Y3X3Uf1JHIE4KNtxN/3W31QogICZvOYHEGcN0CwMPgmOEIdIKhqEgZ7qFlHb?= =?us-ascii?Q?zFFEA4TdPEctx3f7xTufms9JPuU2hpOdt1W6YNxf/YlmnOW80C16nS7xU7uQ?= =?us-ascii?Q?PXHbO4De09hXOTo1Ug633VIiTbW/PvE2WHO6hNWs4p/X5R2aXBMpXdCMCzRs?= =?us-ascii?Q?YkVb1CdNkGb0z3coFx+eDKujNIjIhFPnN8S4wFEDrr1h0EAvNJUrAVHJdcZu?= =?us-ascii?Q?d6IfAu+0dw2AKfJRYv8reZtHb7IQu4llLgRwdjob8JwN7yV1x0O0gr58AYfH?= =?us-ascii?Q?covgPhghwpfpf3r9nchaT0zEnufuy3CKHnOVmyPmdxOIlnVCxFaU9nwJWnpn?= =?us-ascii?Q?ALL1qk2sNqR2F1RoMIwcDc70d/vrCBMedDI0LdyHs/grLGWM6byqc7nI9Zb9?= =?us-ascii?Q?QfpFauJKharibk76zz3GdkdgoIrl3ADfn/NrXZ0+nKxxZlQlx5v40SYV6CAj?= =?us-ascii?Q?kb8MtYpqnHFMuUSd705cD/rnVYNOIJMvNsfpVd06ajBCwMKb27CKAhxd99r+?= =?us-ascii?Q?M1xXM4AWSKM9eICPIJoZN49IT2lFMBBGVRMhluJd24QfehD1awmYMndRCKCi?= =?us-ascii?Q?p1lwOgWDrxlIeigt8M5JjJGUCQz6+iCQUTAc1sj4Fmt8V/yczBFZiFZRi6TL?= =?us-ascii?Q?LAfBVIhurm0RuJ7QOsTT1VO9C5wi35lA82HJ/C9xdO/HhEOaKdp/Z/3dBZl3?= =?us-ascii?Q?q1muFTZy/wCLgXrhW/4UHZHrMyZg4HqV2VaFVXcX8U6fl5A9pHz+HgPUaxlp?= =?us-ascii?Q?F6zJBA=3D=3D?= X-OriginatorOrg: nokia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6747520d-8357-4cec-17b1-08de163d4470 X-MS-Exchange-CrossTenant-AuthSource: PAWPR07MB9688.eurprd07.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Oct 2025 16:15:53.1921 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 5d471751-9675-428d-917b-70f44f9630b0 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: UUJcyB3YwVJlMtLkxa3arkssngJcYWvj6XAf6hfS5A7eW3zbHoip/L+M3NYLxh4t5ayvJU/pO0Lc1EKjw9y5C9+WvdOHD+GWxS3mZZXLcqE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR07MB6700 Content-Type: text/plain; charset="utf-8" With CONFIG_PROVE_RCU_LIST=3Dy and by executing $ netcat -l --sctp & $ netcat --sctp localhost & $ ss --sctp one can trigger the following Lockdep-RCU splat(s): WARNING: suspicious RCU usage 6.18.0-rc1-00093-g7f864458e9a6 #5 Not tainted ----------------------------- net/sctp/diag.c:76 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active =3D 2, debug_locks =3D 1 2 locks held by ss/215: #0: ffff9c740828bec0 (nlk_cb_mutex-SOCK_DIAG){+.+.}-{4:4}, at: __netlink= _dump_start+0x84/0x2b0 #1: ffff9c7401d72cd0 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_sock_dump+= 0x38/0x200 stack backtrace: CPU: 0 UID: 0 PID: 215 Comm: ss Not tainted 6.18.0-rc1-00093-g7f864458e9a= 6 #5 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-= ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x5d/0x90 lockdep_rcu_suspicious.cold+0x4e/0xa3 inet_sctp_diag_fill.isra.0+0x4b1/0x5d0 sctp_sock_dump+0x131/0x200 sctp_transport_traverse_process+0x170/0x1b0 ? __pfx_sctp_sock_filter+0x10/0x10 ? __pfx_sctp_sock_dump+0x10/0x10 sctp_diag_dump+0x103/0x140 __inet_diag_dump+0x70/0xb0 netlink_dump+0x148/0x490 __netlink_dump_start+0x1f3/0x2b0 inet_diag_handler_cmd+0xcd/0x100 ? __pfx_inet_diag_dump_start+0x10/0x10 ? __pfx_inet_diag_dump+0x10/0x10 ? __pfx_inet_diag_dump_done+0x10/0x10 sock_diag_rcv_msg+0x18e/0x320 ? __pfx_sock_diag_rcv_msg+0x10/0x10 netlink_rcv_skb+0x4d/0x100 netlink_unicast+0x1d7/0x2b0 netlink_sendmsg+0x203/0x450 ____sys_sendmsg+0x30c/0x340 ___sys_sendmsg+0x94/0xf0 __sys_sendmsg+0x83/0xf0 do_syscall_64+0xbb/0x390 entry_SYSCALL_64_after_hwframe+0x77/0x7f ... Fixes: 8f840e47f190 ("sctp: add the sctp_diag.c file") Signed-off-by: Stefan Wiehler Acked-by: Xin Long Reviewed-by: Kuniyuki Iwashima --- net/sctp/diag.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/sctp/diag.c b/net/sctp/diag.c index 996c2018f0e6..1a8761f87bf1 100644 --- a/net/sctp/diag.c +++ b/net/sctp/diag.c @@ -73,19 +73,23 @@ static int inet_diag_msg_sctpladdrs_fill(struct sk_buff= *skb, struct nlattr *attr; void *info =3D NULL; =20 + rcu_read_lock(); list_for_each_entry_rcu(laddr, address_list, list) addrcnt++; + rcu_read_unlock(); =20 attr =3D nla_reserve(skb, INET_DIAG_LOCALS, addrlen * addrcnt); if (!attr) return -EMSGSIZE; =20 info =3D nla_data(attr); + rcu_read_lock(); list_for_each_entry_rcu(laddr, address_list, list) { memcpy(info, &laddr->a, sizeof(laddr->a)); memset(info + sizeof(laddr->a), 0, addrlen - sizeof(laddr->a)); info +=3D addrlen; } + rcu_read_unlock(); =20 return 0; } --=20 2.51.0 From nobody Sun Feb 8 10:43:31 2026 Received: from GVXPR05CU001.outbound.protection.outlook.com (mail-swedencentralazon11013045.outbound.protection.outlook.com [52.101.83.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 22C93347FD0; Tue, 28 Oct 2025 16:15:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.83.45 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761668160; cv=fail; b=oPNDIQkxw6MjfBZdzzQC1T3vfN0Atc+0ro7c/pZvqUSeYsKw5ofFWIMgKhuCtEEdcvxvnsEJvbyrgAQij0cGU3PxYw/BXifTaA8oX1nEIZ/JkxKw5BScmP6MrwN4b+aqzG7UBms0/XRT9bPV9QK02mr2e89Zr2ZgoembzqnXHpU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761668160; c=relaxed/simple; bh=f6COoE/suGtVMFTcgl9zh2hdgjt75Uh8HaDCkC9Oxs4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=P+oCmA11vwaSIMoehwn8bNHP771VWgQ2i+2OZMzvdNlNqX7up+E1/UqLfIo3FpmK29+thZtD/F1QFqFZtfYstkhITJNZcY0eACJkRH/SIN9c11ZLXmRK5tsy71AbGr87GIKIF9VaKWZblSzgK4mwTx5tNf8O5/evHiUgUItMOIo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nokia.com; spf=fail smtp.mailfrom=nokia.com; dkim=pass (2048-bit key) header.d=nokia.com header.i=@nokia.com header.b=lxO7ptvJ; arc=fail smtp.client-ip=52.101.83.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nokia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nokia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nokia.com header.i=@nokia.com header.b="lxO7ptvJ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=DWlGgm91stXMn4ct+Mjb6fRG0WqfnSZpdr+XmBkrLRV7ubjpDXBrKwHK8KOy11W4sGtOlhUXBbVhp+DjDr+RejZey+92OIKOTEfUt9PX8RwWkc5yuL3N4FIGGO989tCnKI207NDmO/WJ56p/ap/l4OPkP0C/I7m4OcKz/zo/rCujrnX3ozstUUT+M4ihZfSZfNBsRt8N0IfRYcz2DXXa9EQA4rvGfz5AYMltjWQboNAnhuimmTbCQKNErrqg9HuNAw5BZeoeerSH9h8YKNc64dQ3oq4JgdwZ0daIdkjVEkaUerwUPtrcQvkQdqKI1rgJgtVMXi31rVHyO42TI364EA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BHUiCfDrH+1KJgJ9XrUZJ47ThzNmw2hExd1o34oB3W4=; b=syACDFSxY7RTJttmVLhX7IUURu1LDqAFbjKDUu4xE07lde+aJymrxhti0mRfgquBuCd9A0BUCIPzfS0MNLwT2pEeGq5+X24NtsUquXRmwleEQlwJEtHnO+g7698hByjTehzU/elNieKsfWG16lMtFpDbQQsoQOc/sTqoys6gQdF1dRBGcpEHXMvJLv6z7asAISRxFEWtVEHcsy3P6uIQMM8S5QMxhDAnrfaCyDsSPplGcgaN3n+ZZR895ow600Ejy/kpbB5Sj3dVMNUwIceh2/Nj2RRmHgA6YOq+OYiKee301IW7LzVULTNGlY8ro9/ZPeyrlg3PgFeBuUm/rM07mQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BHUiCfDrH+1KJgJ9XrUZJ47ThzNmw2hExd1o34oB3W4=; b=lxO7ptvJOnzR+HyphceVHwO0pdidPahb8AAAQ035xaTlN7c/mewupstZ0mrt4324QUJDH4P7cByguWkNb69Ymvfrabak9nP3mwSANpRrzVcPVNQYxjh7GMh/5zcI0rWS0J6Z5046AC0wG2bYCwJ1AOkSChVmscLTIwscdwd/vwB+0XAdCvvgGOvhoH7p53mu/JMSR+PubYz8pN5O/UpMl0ArvrgWgvtWTk+Y5DNW9Iu7xDHHYNABDTB67NEuY6km5g9pMvRQIyjvokLF9qtAF01udzqaw6yxO9Iijxm8moN65DrvfP9bw+YVx9ZAWXEvCRlZLEKZtnAo90Mmlz6NoQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com; Received: from PAWPR07MB9688.eurprd07.prod.outlook.com (2603:10a6:102:383::17) by PR3PR07MB6700.eurprd07.prod.outlook.com (2603:10a6:102:6d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9253.19; Tue, 28 Oct 2025 16:15:56 +0000 Received: from PAWPR07MB9688.eurprd07.prod.outlook.com ([fe80::3a2d:5997:c1c7:3809]) by PAWPR07MB9688.eurprd07.prod.outlook.com ([fe80::3a2d:5997:c1c7:3809%6]) with mapi id 15.20.9253.017; Tue, 28 Oct 2025 16:15:56 +0000 From: Stefan Wiehler To: Xin Long , "David S . Miller " , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Kuniyuki Iwashima Cc: linux-sctp@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Stefan Wiehler Subject: [PATCH net v3 2/3] sctp: Prevent TOCTOU out-of-bounds write Date: Tue, 28 Oct 2025 17:12:27 +0100 Message-ID: <20251028161506.3294376-3-stefan.wiehler@nokia.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251028161506.3294376-1-stefan.wiehler@nokia.com> References: <20251028161506.3294376-1-stefan.wiehler@nokia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: FR5P281CA0041.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:f3::19) To PAWPR07MB9688.eurprd07.prod.outlook.com (2603:10a6:102:383::17) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PAWPR07MB9688:EE_|PR3PR07MB6700:EE_ X-MS-Office365-Filtering-Correlation-Id: b9dae2f4-5094-4863-8f65-08de163d4626 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|1800799024|366016|10070799003; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?1ry79waZhLAVyQCCmL4D7DZOH7wXpJSGcmwExnZTjvDTP/nDKZEZFccSZmy6?= =?us-ascii?Q?Jm2FOvPp6oe3B4XKrDM3/9Gr/a0J7h6ZvirtC5cETDB5bDP2NmndO3PZWysl?= =?us-ascii?Q?UBfk8LjI+54FIBlpipEWWJqpZdIPtn+ZE0MqA7VYR5GEdTSsjCyus/NM0inP?= =?us-ascii?Q?2HkCtEimIN7vO8fx/VH5M63vsI7HyH0sWDURxsgaa20KyCgoKaNj08aq1JRH?= =?us-ascii?Q?L0cWs+wlD+DWCatmlaJzn3/+ePozS3sN2bU740GiVLo9Knb94Vh9d7MgMLtj?= =?us-ascii?Q?UOnyrAFnerUdSXpdECshbtDGcT+lw1ID9QwCWnWMa89rZgO8kbKMXjGpS45H?= =?us-ascii?Q?b/OBpLG3piaiTnbYuvYpT45WbMZsolZzG4ly8hWIDezaHw1QtsidVmeHWyt9?= =?us-ascii?Q?SMcdCjFhfZ8dBjxXcxMpiPmWF8/2uY8A3fMBsEFeTIFwVbjVv6MxFMbG5Fqc?= =?us-ascii?Q?/KdD6JNvtUy23qu3bvMHlRtoAbdr6/WUjmgUFmxISIfxvTZ/s8cnBLEpTZpY?= =?us-ascii?Q?VFG228K1vih3tBpsHT65WfVSqKi2dpM/aKWXbfubP/WOprbTXbCVs3XO4C2j?= =?us-ascii?Q?NveTd9giREKV1aFuYYOCoodvzxFCZJssWZcBde6oh24R16/KVXEZmjxQ2HWW?= =?us-ascii?Q?dSSQxso5NNLKTn48HnHlvfCFdAYk/wy1H/C7ij5M75X4L79B4LSoO4TLviH4?= =?us-ascii?Q?IhdZ15nAXG9QMY2rd9w8K70D957D0vLD/q70jUAitrt1SUZpw8+Ff2cCLgSy?= =?us-ascii?Q?3ZX7najeWIjKuCxmWyPbSjE60tyymRhIoieT+klqoOnk97IGvEMp8pPqh72U?= =?us-ascii?Q?Qae9KdjNlBJMxqMtSDa1A7y/NSY+aNCsdE1B5pzAfjLbNLu7utZWhfkyLAMW?= =?us-ascii?Q?NtIfmVwVBRoT2sKaqdjGgk422azBBZ7NBmtJPkyheLWN5Fwc8F+wi+XJj2NV?= =?us-ascii?Q?Hpivmi7c+D0mMTyTk5yk1XhzTBf8zrGUIFdzvKCw3PtE1Arv6rQ5ykR2/0I0?= =?us-ascii?Q?gDuB5kZmE3sprF80OGZtsBcjivGBeGI8/HRAvGpMrlpxyzYsZm7qKISm32Mo?= =?us-ascii?Q?gjIRcjcwZQLCwsHiIe3g6yQ4hKr5FSYIetttrow7LBR96xkhqsan1i0LI581?= =?us-ascii?Q?fR5rIPeOJuhSdsqzc81LxjQKzC2fc21FLo8LdL0i+XW1t4ybHyHYQxjyY7/K?= =?us-ascii?Q?Dke3KimxVncQfxT+BQLBWCNEoKtVrPVn5+BnW2to4nk2hEORu/jllHJ1gTVC?= =?us-ascii?Q?CuisGPdjYseZOJVcEzCjC+erA4UEdDoFd91Wz7mlATfKn0kd1T3GQo8LBRaX?= =?us-ascii?Q?2VyNS0RvjVm5izuZEPRdzeDz0Mo2NkklHfE/RXGYB28htfrFcNZjqYu22w/7?= =?us-ascii?Q?YZanlRrFgv02luEyvOzimxaNyAyYevWO5MpTPqTxAq7jC7/Wyr7EZ81/BdSF?= =?us-ascii?Q?aU7O8wvdiadJEEtNtLGa3gWcKRHBGJIF?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAWPR07MB9688.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(7416014)(1800799024)(366016)(10070799003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Skp6sgeTbX2lsK59nnj8twYHgHTFZ9+wqJNklTrEzb4Dkw8C6KAKmKrhlXSo?= =?us-ascii?Q?5K2hJ6Bk6r0Oh0YPuiarzQEMsudESVDIlVXZzvhcVE5n6QENqMGCjOdBzmTP?= =?us-ascii?Q?mFTmOay92nT2QO9VLUIQjQ/AAKu1OyyF0L3DecfhJRyiHjUQlv1o3hge6nrW?= =?us-ascii?Q?tbb7mtYMsHTUiHPXSfal2nMvb4GKXPCz2qDC3xs1vDsbhwgdiz6KOSr+2UYN?= =?us-ascii?Q?wvqP09HT+1x+kxaZMQsWVRJ7BYIsKUzq60NETt/5rFiMkoeX6v9aD3uhznSB?= =?us-ascii?Q?mygPOB0ehvRZ9btllK3aZ3NREQ0uOwJ9aMTGMP6ntlq9oqYK1T0jq6l2+0H2?= =?us-ascii?Q?5nFsz9HMzLPxD4gZg8anWAL6+s08aRYmJ0AJy0NDU/Z5NiZfEc72QblSKK8O?= =?us-ascii?Q?vzjVKeyMcQwd8mL6cTdncJP7oh9KhNUnIMAbDUhc91bW/fwlI66JW3yTMPLA?= =?us-ascii?Q?doJun3xbaCP6QWYA4ZqsYoS9pZyjMteG4SQmEsnNQOsj0TDJbHfmhyCEJyqu?= =?us-ascii?Q?3NvJsCcv/1weE83rSxUyPK3TR+7bgTchrSHPXl9YXpPQ7jNwTQ8S2NgCn9cd?= =?us-ascii?Q?I2J9RFQAQriDft7CyZw8kbC21XaMyssfwiOKTtKy+eKVmIpClnAJp1B4x98F?= =?us-ascii?Q?7IRhJVuYEDj4jdS7HkKftngTo6G9HLVOjNAB4aZTDx8+//20vurIeZGnMxfz?= =?us-ascii?Q?K5b1eham928oH25DEB9IrCloqI4wfIH5yfoq5pgXt8SYEHL2rA8bswJWG8G8?= =?us-ascii?Q?mYv9bQ7lysMpCYHcXCW/76YiPl+p1iryZQd6s/N3P5mPrt28cfVMtmyB5OIW?= =?us-ascii?Q?JyZSlBgRS1jyeJYEHGEDAB84WFuClbIXRxX/xAm7KryTDBhHOZa7FImoFWDm?= =?us-ascii?Q?2YS738Bzi6l5sM5DvGNjlyNBvjchPdSpiKKtwiTLnhlSeLgbm/1ipIYErTLs?= =?us-ascii?Q?UmcG4uke6X4Ti6+/W0eTkafImGuLd3L2gAaJ4YoFpaG8P+QJUZmXR5y7ZYxK?= =?us-ascii?Q?k5d4sPe8CDZuxTtLKu829SVAW+jOy+ZuRem8CQBvzA+H1m4++g6vGdrvbhk/?= =?us-ascii?Q?B2+oVmW9Aq3rKl5EH5TPzFzXT95ehLiQcERN5aPckea6ywzYkNxfKSxEm0jv?= =?us-ascii?Q?feY/Dna+0x/hilaD7y/68VGN944qiTEV2nh6xFAJ97Xy50UavS++jpStMWry?= =?us-ascii?Q?ATFTWHNulAp8f5a6tc9INtaCv6DILC6TNuVJpCuCz80hcqMZsYN/W6Ma4t26?= =?us-ascii?Q?IjmsX+9PY8BP+nbzprOvGtDWQRZXEMryedZf+AFOQQ9y3NZ158UiX5VDRNyC?= =?us-ascii?Q?NF2TD6Z94S2jqKnijYz89he7wyhfsVHe5T2cmUJlrFHC1jYZauTRdCP84lLJ?= =?us-ascii?Q?ZIYY0OgEUcIhtHffZ9zVZVWAdXstaaRVZkvZfVSi8SaTEASEMl9N8pz+nSmr?= =?us-ascii?Q?fQH2Jq7MuedkKkM98OKp9IAbXvqBkEpdM2OiJFnMtrD8987EjRsX4u1HMRWi?= =?us-ascii?Q?hIxCJHHRke7MRMAAOqcBSSb6LpQ4pIBug1Z+gpzGE8LXLJ3UIh1FFSrmZAA5?= =?us-ascii?Q?hFZwmWjMPC3UrgCxnAXYVS4O6VwJGAkLY0fLN1UD/at/SZSb7dbhdr0g8UhW?= =?us-ascii?Q?InrgmiKYQcZCPES27mtVueW3g7pX8pmYWx7gkjX3IZG9P/dEsXGoDepJSBJz?= =?us-ascii?Q?ZMeVdQ=3D=3D?= X-OriginatorOrg: nokia.com X-MS-Exchange-CrossTenant-Network-Message-Id: b9dae2f4-5094-4863-8f65-08de163d4626 X-MS-Exchange-CrossTenant-AuthSource: PAWPR07MB9688.eurprd07.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Oct 2025 16:15:56.0239 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 5d471751-9675-428d-917b-70f44f9630b0 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: kB1wq+q5ogcTBhrDsRLXgLcYElm/4GucMaLKbTMBRzjT7UfkoA52z18fTxTgobkWKJkKc+L0dH034rZrP+Fj6b1RDeCdMx1qdgY7x0aiQr0= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR07MB6700 Content-Type: text/plain; charset="utf-8" For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use). Suggested-by: Kuniyuki Iwashima Fixes: 8f840e47f190 ("sctp: add the sctp_diag.c file") Signed-off-by: Stefan Wiehler Acked-by: Xin Long Reviewed-by: Kuniyuki Iwashima --- net/sctp/diag.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/sctp/diag.c b/net/sctp/diag.c index 1a8761f87bf1..5d64dd99ca9a 100644 --- a/net/sctp/diag.c +++ b/net/sctp/diag.c @@ -88,6 +88,9 @@ static int inet_diag_msg_sctpladdrs_fill(struct sk_buff *= skb, memcpy(info, &laddr->a, sizeof(laddr->a)); memset(info + sizeof(laddr->a), 0, addrlen - sizeof(laddr->a)); info +=3D addrlen; + + if (!--addrcnt) + break; } rcu_read_unlock(); =20 --=20 2.51.0 From nobody Sun Feb 8 10:43:31 2026 Received: from GVXPR05CU001.outbound.protection.outlook.com (mail-swedencentralazon11013045.outbound.protection.outlook.com [52.101.83.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 13AC9347BBB; Tue, 28 Oct 2025 16:16:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.83.45 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761668162; cv=fail; b=RvnvBO/wgTXfjG9CQ4MNCuo9oOrEFDaR9faFecue9SMbceiq+rAK9XD0F8DCNbxw7SGCBWA4Gsb7/69sSsbPsaX56k3il34f6XxpE3JxwxzHKkOjvu+54XW9QVGDLZKC731luO3muzoZYYIVfFU/0MgUrM/WX9k1RW1dUoIToFg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761668162; c=relaxed/simple; bh=r2yDx0bEp+fPb8gdSvtogAQ6Xj69fpn9WGfOeKfP80g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=TMBPYa+QxAkX3SiL55XfYzuxQgTsopMLRI9TinH15haG4mo8G/ddaMIGewHhIf1Z5Oz0jZB5kFzobsL6cVYxYb32J1e3RswLBw4CBtGHdyxLaWuQzkw0dCfgunX3CxxyVE34kyFwi609o6tuAaKnVY8aq4ds9MlCrUageJsdDCc= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nokia.com; spf=fail smtp.mailfrom=nokia.com; dkim=pass (2048-bit key) header.d=nokia.com header.i=@nokia.com header.b=M6SNY1UG; arc=fail smtp.client-ip=52.101.83.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nokia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nokia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nokia.com header.i=@nokia.com header.b="M6SNY1UG" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=U7Qya1U2HBE7vY2W3mcGX6o3PJ0wzUZEroazqU9Ar7CPb+51VeIm8ZjLdGnP+kN9UoP+n3NaHjSxfd6XDJW94kwGPtId5RJkCRDNePelaHDnj8voFzIf6fBRrCB8qSWe6JTDxPodwq9r3fUuK3qwXAZ8WB42kMm+foNrCo4Tz2UnnyCxLch1hRCLbtQszlzsSWxOKqLvy9Fn3Zt3Nx2byjVZhHOr8IDZ1IYpheEal19MoFds6dUXorpCMPT0qB+bwDGp1j2TLECz65pVhsK0mfx/DyxJ6etGPyksfdmIeM5UgZ5LiPjLH/JRXWX8LdgmKUEl4Wc3cSwoUAoGUAw4jA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=e5/3zdzNq6iIyG42gPPVTF2T2aa7ZKy7W3xb1MYVdK4=; b=f0E78+Hp2IThpxOyAVMnbXIjJVZyDXzxfDgLf2X7maOT768nzTUvSzrHPGnz+qQdp0OmInX4zTfC5xYpVJjJtCTh30fdQWAeaNP8msSudPV/1D9xSGGnWinhwCo81rop1o87s3GhRUyWM9Qo56VnVIaBy0zmbtnxs+eyYqz2XEz65rOXXdzSiLtyZRemhpDQKKraTAa/1h1HWhN7+S2KlhntqjJE11Uqem509eMnBcQmnt8EEkLix2pUFt1G6mwBhFs2OUKHmvUubq7lGGlyAGpB8t4WojW+JNJBUJ1BPtPLFsws7ujeypULP96PNAkkXNLoiF21GJtrzyYvwwfUzw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=e5/3zdzNq6iIyG42gPPVTF2T2aa7ZKy7W3xb1MYVdK4=; b=M6SNY1UGwdrKU2GuIMFYlp8zw2G1bN/EKh+1SOyzeG2r8EJ9ZuAa0jWOOfly6/cQeCiGTdswVyEGaawRq+uvrgHB2jTMBzJOtnY77JUeHaan53IgWq91pwGYuafSvcYdFNVjTHQOGMAP/UCXN2VjC+zwJqU22qKVqmVnjl8mlVvLd1/CKcCChUKAcCdoxdMha2E3J0xAupzixcK/Cq77YUFcZkJVEUewqC+bIxk8/NM2DY8EWq7XYxAWZ4gZd0Pdz0Ret2xe6G8RnnEoi6iZFSM32HlcBospLJ+WJroyiu8EabIwdshD47Nbr8jWdGdb2hbfdF/1L/rSj7IXt+SQxA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com; Received: from PAWPR07MB9688.eurprd07.prod.outlook.com (2603:10a6:102:383::17) by PR3PR07MB6700.eurprd07.prod.outlook.com (2603:10a6:102:6d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9253.19; Tue, 28 Oct 2025 16:15:58 +0000 Received: from PAWPR07MB9688.eurprd07.prod.outlook.com ([fe80::3a2d:5997:c1c7:3809]) by PAWPR07MB9688.eurprd07.prod.outlook.com ([fe80::3a2d:5997:c1c7:3809%6]) with mapi id 15.20.9253.017; Tue, 28 Oct 2025 16:15:58 +0000 From: Stefan Wiehler To: Xin Long , "David S . Miller " , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Kuniyuki Iwashima Cc: linux-sctp@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Stefan Wiehler Subject: [PATCH net v3 3/3] sctp: Hold sock lock while iterating over address list Date: Tue, 28 Oct 2025 17:12:28 +0100 Message-ID: <20251028161506.3294376-4-stefan.wiehler@nokia.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251028161506.3294376-1-stefan.wiehler@nokia.com> References: <20251028161506.3294376-1-stefan.wiehler@nokia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: FR5P281CA0041.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:f3::19) To PAWPR07MB9688.eurprd07.prod.outlook.com (2603:10a6:102:383::17) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PAWPR07MB9688:EE_|PR3PR07MB6700:EE_ X-MS-Office365-Filtering-Correlation-Id: da577d46-607e-4ccb-4387-08de163d47a0 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|1800799024|366016|10070799003|7053199007; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?y78IfEPVRtMeLiXOQ0rg8rYQEV3kVA/vZPESzyWNLtmY3cucPLLSsCmRbtCv?= =?us-ascii?Q?OFanU+wNtFrTyYjwY1UZvO6GCiFgOE84Q+jL3PeMn3toRZ7qCmwhVLjAVyfH?= =?us-ascii?Q?Uayct1hdEP+DBFzTXaN0bLZ/H/XPtG/Ynw02MpdX1ZVaFe8O/WJ5SjRjO29R?= =?us-ascii?Q?3eOvtf4YQjswlj7IAOditsRElpA75Z5V/BRyyq4A/unuIv9aBjMYC85KMNar?= =?us-ascii?Q?IOvoROwXYFwztlX8fok6ZoxKya6TBC3lpujyl+ajOvLLEqbUpMjbbxjSH4ft?= =?us-ascii?Q?5YFsLPDx98PlYXvZB/f6QfnoBpWxyN8Vg6W0AP3Kzw3Bv1vS5OsDoHk/1H7K?= =?us-ascii?Q?If/+0REXA2/gvh/xQVSzKveYapBkVSgrt8jG0HLR3PqUlsalJW81ZUhb8UiX?= =?us-ascii?Q?WcbnFL6kyXpC1PDVfy0xTvxr4ywn5NLnF2xLMXA+8CsT6I6eYCqHNgB4ea+y?= =?us-ascii?Q?A1GWd7WpCFmFV9ylw/XE08CuPcthlyIXJiO6/AysM5tbqBWD2W+VolN3/dAS?= =?us-ascii?Q?udFTZmHsZSD3HDhXj+dEE6BZALU3d8yUzBW0+OHwsy9ziaOp02ot65kuISiR?= =?us-ascii?Q?3zyRPF0YRpz7iK6K55J/Lh0mA/Wu7uQJx99cI8kNsHKmEWE6SaMaL7DEz4bT?= =?us-ascii?Q?oLAiDJ8msMZ9QQ2uzwjMm93R3mXjmCKCMsEsmcZP4JK7oynMRJPC5QrKJ3Uc?= =?us-ascii?Q?trhSaEmdE9Yd9193OuPAagU2tncuI4dAPyco4oNXiYA5BqjSaFCkyZ5IoBRs?= =?us-ascii?Q?OtRXIu0QImURjHXAVyvxsbDqe16lp+vkUUAObuPLzYgHQvtyrggbZYtlDaLf?= =?us-ascii?Q?prz47jB2Z+PNf7wvAyaLC+3sACm+Y/ZU7c10OzHjvMLPlhWJ3NgMymL4Dd4C?= =?us-ascii?Q?b1+/OBwsvf7dmkJm3pShFete4G0jFRT8tsnSZ2z2UnxYf0bZXxYaXinx4Pj6?= =?us-ascii?Q?RLrfKOWg0+AbK99cU7CXcHuOEiQb65/Of46AitRG6nPIrMFFk8mbN+wUp/1Y?= =?us-ascii?Q?WIs8c48/NxMGISOTe9Nkbz/NVUny5yX23EA6UTAWNUN3uuAHO1kB0/T8rLa0?= =?us-ascii?Q?UcmFyOvL5lFarpMT4wDventSCLuHj0skjNJiaPHBPLr/38JfkxOZWfWLfiFj?= =?us-ascii?Q?9mYs0VDxLVYwsrvfMyvQT6OghygmEsKJdfJN4UhoBnVKtV4FL7rv0tBow6HD?= =?us-ascii?Q?VItP39XRDJPLsAypng4VJhG0AskuuYLJoH6KsSc5Esc/ZHK3Goumpbt9lqlj?= =?us-ascii?Q?iJnZvsYzlTydzCeb6xmLnt6Y7GWQD1DxUKxRR7phlpAROoGCDMMn6IgRhRSA?= =?us-ascii?Q?F85qS2dkVYQ9Fl1ADJe3MNWJIchYslIX/nNXXPOw59gxT6yn8mPZcj9yUgYW?= =?us-ascii?Q?6sJmOEggcgm2hG75tYMQKZXt6uwrnPtuONGBxSJ1eoFQPjkgpTOLFu8ut5+4?= =?us-ascii?Q?TD5Z4XAIJsRR5pjrrTwWSynAN77d0H0r?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAWPR07MB9688.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(7416014)(1800799024)(366016)(10070799003)(7053199007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?/64rAmZ62DPm1PV3VN9cmOjQZdvznhIJUcywgCc+T7SxjsSwp2Y02waEVPiZ?= =?us-ascii?Q?F53QyTvXDzeJjX3GH8HSxpy1/E/TmezwJlpbxCQM6idVugLKLABEGec5cqtJ?= =?us-ascii?Q?2RN8fOo6wC130bhvLaDgtfyd6hQ8x0L3uUnVlMuo18oOzMThU6UXWdvayQ6N?= =?us-ascii?Q?3WBooA0gfBLxpYdCw8zqjVoFWUFikyvm2EEDpgHxVeLcbxjEQj5B4YZ4U6Qv?= =?us-ascii?Q?BerAKTYc4oRgnKqxxrTBCfcNWuPZ9RFlW+Slzwc9JVr30VuDccaJcsIzFlRo?= =?us-ascii?Q?XitVrGhJd5z110R1+sJTeBtqAG0DrZhaUSQEPLYMc2qAwBg9mKA3oD1Nt33p?= =?us-ascii?Q?oZonnAd9KfXwf25gfMzGWblA1W8GVMxGv16Q0gbVheqXwSgywKh9gI6tnHd9?= =?us-ascii?Q?CRW8HL4ZDV0XFnoJhv9tLonzbDB0YnT56eQxWX3NztD7SJt0hUva9h8QkD3m?= =?us-ascii?Q?xNXQ6pcy2yV+aLTSTSV6wTCot7m6wZk+4ai4ygOUxap5/5Xi3cGaUdiQnfzB?= =?us-ascii?Q?NeB5fSulG04U0u8o+WXUCAXCZboAi24QUyT4H8Xe/o+d/ITEqUvQs/+BwhGZ?= =?us-ascii?Q?ZDOGH8l+c9YpRREqxHTx/7zL6C4fHvQ47rD6oLPdlT1RDQldmuHRBuvXNpdj?= =?us-ascii?Q?nRt/7CKr80q6sUirdhMows/UbXrbVJ50wFUWe0SaSJDu9kYOzd0Z88y3RpsI?= =?us-ascii?Q?odb9aY1BEyDvOKvEMSfOMsAqQ8/1Q58J/THCqwnXhQWvO7GZNb683pyH+1BQ?= =?us-ascii?Q?wJmflMM3iwUEsEIHyklFC7FtAna86mcsReAsdOipEXuJPmcXY1GzMuFLewZe?= =?us-ascii?Q?cXlX3x+Q90wFQM9qsCOIB3NQP7qNgJbgU2aY6zK0sdRMfXfKYck/0PKMGQ/9?= =?us-ascii?Q?nA7r/9Wa88Y5fR7ZTCvLz6Ac9ctEvY/naxIdpISwEKYAXp3wiZGoUE2swAXE?= =?us-ascii?Q?YJrlus5XD1dK1erusu4onKYdBZSpo6leFqzkbTshy26LHvyMNz+EL9MUMb41?= =?us-ascii?Q?0XPe8Qi/5z0Mpa91lq/nxKn6GvRx5fgkC5YlcKOkSB59e5NJsjgK4eCWTrel?= =?us-ascii?Q?h0vp7ptFv7wSvxJQSXkj9vjpsPu7YxfV/tK7kTyD1gLLht4nQm+i3bt6FB4+?= =?us-ascii?Q?f5b54zPUKA9fr883isCkb1aMf6eRwon6tRPduZ9f1Prtdg83wbXdIImgomG0?= =?us-ascii?Q?23JGSH7CyVpTJnq5Y/QHg/ZgeC1NojXFV0WEYUfv65AEoW+t28ikL6SDp0yZ?= =?us-ascii?Q?gzTtrOLmTaQgB6j86KNu3c5SeQ4X8z49wM+T93Si/8eadHQPNVk19gkcaZe1?= =?us-ascii?Q?LRo40JQrzIgR0yVursfrsMcyo9ohMVAitk80mp/TV+WS7fT4bO7uaDgbgRhe?= =?us-ascii?Q?3SlXWhemya9kZW2MltZ+GLXh77Qs+CjP6Bsj6i6USZSqyIvJFw01J3XH+LbZ?= =?us-ascii?Q?PZuzphmyAJYg/2W8my9r6Hi3shzTOIvrth+mMFwDtR6XlzWNPMVzQREWe5oe?= =?us-ascii?Q?9e8yn7scqCMKbA1uUbUTY0WWJP0vGg3fVWDqh7Fa+/yrJWziwYn40hn3ekke?= =?us-ascii?Q?HB3EMMXQK/P/iMzxxjgtuzs0RRL/me1FZUeG9rt1oUmjPGn8ElkMsytPY5Gu?= =?us-ascii?Q?bAEbdTvc4DmvnVflxWsPFXWubCx//2ASa+eB6azOEuwkG/6O4w8mDGY/uinJ?= =?us-ascii?Q?G5s6MQ=3D=3D?= X-OriginatorOrg: nokia.com X-MS-Exchange-CrossTenant-Network-Message-Id: da577d46-607e-4ccb-4387-08de163d47a0 X-MS-Exchange-CrossTenant-AuthSource: PAWPR07MB9688.eurprd07.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Oct 2025 16:15:58.5383 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 5d471751-9675-428d-917b-70f44f9630b0 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: VHHiDW6itcoAuhzJUqTzJrrBJ/8fX7zB+7fIR11UkL8fsQ+Zk0UN45xhrEuOfHtlLwJysR08toRsPGn6gD7paRfaa2UDCxjltEg+gdfyRYg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR07MB6700 Content-Type: text/plain; charset="utf-8" Move address list traversal in inet_assoc_attr_size() under the sock lock to avoid holding the RCU read lock. Suggested-by: Xin Long Fixes: 8f840e47f190 ("sctp: add the sctp_diag.c file") Signed-off-by: Stefan Wiehler Acked-by: Xin Long --- net/sctp/diag.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/net/sctp/diag.c b/net/sctp/diag.c index 5d64dd99ca9a..2afb376299fe 100644 --- a/net/sctp/diag.c +++ b/net/sctp/diag.c @@ -230,14 +230,15 @@ struct sctp_comm_param { bool net_admin; }; =20 -static size_t inet_assoc_attr_size(struct sctp_association *asoc) +static size_t inet_assoc_attr_size(struct sock *sk, + struct sctp_association *asoc) { int addrlen =3D sizeof(struct sockaddr_storage); int addrcnt =3D 0; struct sctp_sockaddr_entry *laddr; =20 list_for_each_entry_rcu(laddr, &asoc->base.bind_addr.address_list, - list) + list, lockdep_sock_is_held(sk)) addrcnt++; =20 return nla_total_size(sizeof(struct sctp_info)) @@ -263,11 +264,14 @@ static int sctp_sock_dump_one(struct sctp_endpoint *e= p, struct sctp_transport *t if (err) return err; =20 - rep =3D nlmsg_new(inet_assoc_attr_size(assoc), GFP_KERNEL); - if (!rep) + lock_sock(sk); + + rep =3D nlmsg_new(inet_assoc_attr_size(sk, assoc), GFP_KERNEL); + if (!rep) { + release_sock(sk); return -ENOMEM; + } =20 - lock_sock(sk); if (ep !=3D assoc->ep) { err =3D -EAGAIN; goto out; --=20 2.51.0