From: Geliang Tang geliangtang@gmail.com
stable inclusion
from stable-v4.19.312
commit 9c382bc16fa8f7499b0663398437e125cf4f763b
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9QG5Z
CVE: CVE-2024-35910
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
---------------------------
[ Upstream commit 08b81d873126b413cda511b1ea1cbb0e99938bbd ]
This patch added a new helper sk_stop_timer_sync, it deactivates a timer like sk_stop_timer, but waits for the handler to finish.
Acked-by: Paolo Abeni pabeni@redhat.com
Signed-off-by: Geliang Tang geliangtang@gmail.com
Reviewed-by: Mat Martineau mathew.j.martineau@linux.intel.com
Signed-off-by: David S. Miller davem@davemloft.net
Stable-dep-of: 151c9c724d05 ("tcp: properly terminate timers for kernel sockets")
Signed-off-by: Sasha Levin sashal@kernel.org
Conflicts:
	net/core/sock.c
[This is because we backport 584f3742890e.]
Signed-off-by: Liu Jian liujian56@huawei.com
---
 include/net/sock.h | 2 ++
 net/core/sock.c    | 7 +++++++
 2 files changed, 9 insertions(+)
diff --git a/include/net/sock.h b/include/net/sock.h index 66e9c1060b13..fdce25c43fb3 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -2241,6 +2241,8 @@ void sk_reset_timer(struct sock *sk, struct timer_list *timer,
void sk_stop_timer(struct sock *sk, struct timer_list *timer);
+void sk_stop_timer_sync(struct sock *sk, struct timer_list *timer); + int __sk_queue_drop_skb(struct sock *sk, struct sk_buff_head *sk_queue, struct sk_buff *skb, unsigned int flags, void (*destructor)(struct sock *sk, diff --git a/net/core/sock.c b/net/core/sock.c index cc286bf0f1a4..f462fa055b74 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -2826,6 +2826,13 @@ void sk_stop_timer(struct sock *sk, struct timer_list* timer) } EXPORT_SYMBOL(sk_stop_timer);
+void sk_stop_timer_sync(struct sock *sk, struct timer_list *timer) +{ + if (del_timer_sync(timer)) + __sock_put(sk); +} +EXPORT_SYMBOL(sk_stop_timer_sync); + void sock_init_data_uid(struct socket *sock, struct sock *sk, kuid_t uid) { sk_init_common(sk);
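Review bot: the new prototype for sk_stop_timer_sync() in the include/net/sock.h hunk sits directly under sk_stop_timer() with nothing telling callers how the two differ. Suggest a short comment above the declaration stating that the _sync variant waits for a running handler to finish, so it must not be called from the timer handler itself or while holding a lock that the handler takes, since del_timer_sync() would then never return.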
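Review bot: in the net/core/sock.c hunk, sk_stop_timer_sync() drops the timer's reference with __sock_put(sk), which only decrements the refcount and does not free the socket, so the helper depends on the caller holding its own reference on sk for the whole call. That assumption is not written down anywhere in the added lines; a kernel-doc block above the function should state it, along with the fact that a nonzero return from del_timer_sync(timer) is the only case in which the reference is released.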