Skip to content

Commit

Permalink
x25: Fix broken locking in ioctl error paths.
Browse files Browse the repository at this point in the history
Two of the x25 ioctl cases have error paths that break out of the function without
unlocking the socket, leading to this warning:

================================================
[ BUG: lock held when returning to user space! ]
3.10.0-rc7+ hardkernel#36 Not tainted
------------------------------------------------
trinity-child2/31407 is leaving the kernel with locks still held!
1 lock held by trinity-child2/31407:
 #0:  (sk_lock-AF_X25){+.+.+.}, at: [<ffffffffa024b6da>] x25_ioctl+0x8a/0x740 [x25]

Signed-off-by: Dave Jones <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
  • Loading branch information
Dave Jones authored and davem330 committed Jul 2, 2013
1 parent aec0a40 commit 4ccb93c
Showing 1 changed file with 8 additions and 7 deletions.
15 changes: 8 additions & 7 deletions net/x25/af_x25.c
Original file line number Diff line number Diff line change
Expand Up @@ -1583,26 +1583,27 @@ static int x25_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
case SIOCX25CALLACCPTAPPRV: {
rc = -EINVAL;
lock_sock(sk);
if (sk->sk_state != TCP_CLOSE)
break;
clear_bit(X25_ACCPT_APPRV_FLAG, &x25->flags);
if (sk->sk_state == TCP_CLOSE) {
clear_bit(X25_ACCPT_APPRV_FLAG, &x25->flags);
rc = 0;
}
release_sock(sk);
rc = 0;
break;
}

case SIOCX25SENDCALLACCPT: {
rc = -EINVAL;
lock_sock(sk);
if (sk->sk_state != TCP_ESTABLISHED)
break;
goto out_sendcallaccpt_release;
/* must call accptapprv above */
if (test_bit(X25_ACCPT_APPRV_FLAG, &x25->flags))
break;
goto out_sendcallaccpt_release;
x25_write_internal(sk, X25_CALL_ACCEPTED);
x25->state = X25_STATE_3;
release_sock(sk);
rc = 0;
out_sendcallaccpt_release:
release_sock(sk);
break;
}

Expand Down

0 comments on commit 4ccb93c

Please sign in to comment.