From: Xin Long <[email protected]>
Date: Mon, 15 Jan 2018 17:01:36 +0800
> After commit cea0cc80a677 ("sctp: use the right sk after waking up from
> wait_buf sleep"), it may change to lock another sk if the asoc has been
> peeled off in sctp_wait_for_sndbuf.
>
> However, the asoc's new sk could be already closed elsewhere, as it's in
> the sendmsg context of the old sk that can't avoid the new sk's closing.
> If the sk's last one refcnt is held by this asoc, later on after putting
> this asoc, the new sk will be freed, while under it's own lock.
>
> This patch is to revert that commit, but fix the old issue by returning
> error under the old sk's lock.
>
> Fixes: cea0cc80a677 ("sctp: use the right sk after waking up from wait_buf
> sleep")
> Reported-by: [email protected]
> Signed-off-by: Xin Long <[email protected]>
Applied and queued up for -stable.
