[tipc-discussion] [net] tipc: fix sleeping in tipc accept routine

The release_sock() is blocking function, it would change the state after sleeping. In order to evaluate the stated condition outside the socket lock context, switch to use wait_woken() instead. Fixes: 6398e23cdb1d8 ("tipc: standardize accept routine") Acked-by: Jon Maloy Signed-off-by: Hoang Le

Re: [tipc-discussion] FW: [syzbot] KASAN: use-after-free Read in tipc_recvmsg

On Thu, Jul 22, 2021 at 9:55 PM Hoang Huu Le wrote: > > Hi Xin, > > I think the issue caused by your patch: > > f4919ff59c282 ("tipc: keep the skb in rcv queue until the whole data is read) > > 1976 if (!skb_cb->bytes_read) > 1977 tsk_advance_rx_queue(sk); <-- skb

[tipc-discussion] FW: [syzbot] KASAN: use-after-free Read in tipc_recvmsg

Hi Xin, I think the issue caused by your patch: f4919ff59c282 ("tipc: keep the skb in rcv queue until the whole data is read) 1976 if (!skb_cb->bytes_read) 1977 tsk_advance_rx_queue(sk); <-- skb free-ed here 1978 1979 if (likely(!connected) ||

[tipc-discussion] [PATCH net] tipc: fix implicit-connect for SYN+

For implicit-connect, when it's either SYN- or SYN+, an ACK should be sent back to the client immediately. It's not appropriate for the client to enter established state only after receiving data from the server. On client side, after the SYN is sent out, tipc_wait_for_connect() should be called