net: datagram: fix data-races in datagram_poll() (699c9e7c) · Commits · e / devices / android_kernel_fairphone_FP5

net/core/datagram.c

+10 −5

Original line number	Diff line number	Diff line
		@@ -778,18 +778,21 @@ __poll_t datagram_poll(struct file file, struct socket sock,
		{
		struct sock *sk = sock->sk;
		__poll_t mask;
		u8 shutdown;

		sock_poll_wait(file, sock, wait);
		mask = 0;

		/* exceptional events? */
		if (sk->sk_err \|\| !skb_queue_empty_lockless(&sk->sk_error_queue))
		if (READ_ONCE(sk->sk_err) \|\|
		!skb_queue_empty_lockless(&sk->sk_error_queue))
		mask \|= EPOLLERR \|
		(sock_flag(sk, SOCK_SELECT_ERR_QUEUE) ? EPOLLPRI : 0);

		if (sk->sk_shutdown & RCV_SHUTDOWN)
		shutdown = READ_ONCE(sk->sk_shutdown);
		if (shutdown & RCV_SHUTDOWN)
		mask \|= EPOLLRDHUP \| EPOLLIN \| EPOLLRDNORM;
		if (sk->sk_shutdown == SHUTDOWN_MASK)
		if (shutdown == SHUTDOWN_MASK)
		mask \|= EPOLLHUP;

		/* readable? */
		@@ -798,10 +801,12 @@ __poll_t datagram_poll(struct file file, struct socket sock,

		/* Connection-based need to check for termination and startup */
		if (connection_based(sk)) {
		if (sk->sk_state == TCP_CLOSE)
		int state = READ_ONCE(sk->sk_state);

		if (state == TCP_CLOSE)
		mask \|= EPOLLHUP;
		/* connection hasn't started yet? */
		if (sk->sk_state == TCP_SYN_SENT)
		if (state == TCP_SYN_SENT)
		return mask;
		}