Commit e3f2599e authored Jun 04, 2024 by Kuniyuki Iwashima Committed by Greg Kroah-Hartman Jun 21, 2024

af_unix: Use skb_queue_empty_lockless() in unix_release_sock().



[ Upstream commit 83690b82 ]

If the socket type is SOCK_STREAM or SOCK_SEQPACKET, unix_release_sock()
checks the length of the peer socket's recvq under unix_state_lock().

However, unix_stream_read_generic() calls skb_unlink() after releasing
the lock.  Also, for SOCK_SEQPACKET, __skb_try_recv_datagram() unlinks
skb without unix_state_lock().

Thues, unix_state_lock() does not protect qlen.

Let's use skb_queue_empty_lockless() in unix_release_sock().

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 4c64c3e2

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit 41e1c6f9
· Nov 05, 2025

mentioned in commit 41e1c6f9

mentioned in commit 41e1c6f93780e2e8a0d4af66bd8de9546e17a8b0

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit 41e1c6f9
· Nov 05, 2025

mentioned in commit 41e1c6f9

mentioned in commit 41e1c6f93780e2e8a0d4af66bd8de9546e17a8b0

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit 41e1c6f9
· Nov 05, 2025

mentioned in commit 41e1c6f9

mentioned in commit 41e1c6f93780e2e8a0d4af66bd8de9546e17a8b0

Toggle commit list

Please to comment