From: Kuniyuki Iwashima <kuniyu@amazon.com>
Date: Tue, 12 Jul 2022 00:15:26 +0000 (-0700)
Subject: icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=de9490c32bc10020efdd1509689a28f197d6dfb8;p=linux.git

icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.

[ Upstream commit d2efabce81db7eed1c98fa1a3f203f0edd738ac3 ]

While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed
concurrently.  Thus, we need to add READ_ONCE() to its reader.

Fixes: 1c2fb7f93cb2 ("[IPV4]: Sysctl configurable icmp error source address.")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 6f444b2b7d1a3..e40a79bb0a6ec 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -702,7 +702,7 @@ void __icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info,
 
 		rcu_read_lock();
 		if (rt_is_input_route(rt) &&
-		    net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr)
+		    READ_ONCE(net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr))
 			dev = dev_get_by_index_rcu(net, inet_iif(skb_in));
 
 		if (dev)
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 51863031b1786..49a8167dda875 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -648,6 +648,8 @@ static struct ctl_table ipv4_net_table[] = {
 		.maxlen		= sizeof(u8),
 		.mode		= 0644,
 		.proc_handler	= proc_dou8vec_minmax,
+		.extra1		= SYSCTL_ZERO,
+		.extra2		= SYSCTL_ONE
 	},
 	{
 		.procname	= "icmp_ratelimit",