Pandora Sourcecodes - pandora-kernel.git/commit

author	Guillaume Nault <g.nault@alphalink.fr>
	Fri, 31 Mar 2017 11:02:27 +0000 (13:02 +0200)
committer	Ben Hutchings <ben@decadent.org.uk>
	Tue, 18 Jul 2017 17:38:40 +0000 (18:38 +0100)
commit	0463e1a532e6cdac4cbea44e87657853dc2b61d3
tree	d00177583885b38f66cc813d3a38153beed8de9e	tree \| snapshot
parent	a1bf0abb66cf377a70c65dd96cc1dbf662a2a391	commit \| diff

l2tp: fix duplicate session creation

commit dbdbc73b44782e22b3b4b6e8b51e7a3d245f3086 upstream.

l2tp_session_create() relies on its caller for checking for duplicate
sessions. This is racy since a session can be concurrently inserted
after the caller's verification.

Fix this by letting l2tp_session_create() verify sessions uniqueness
upon insertion. Callers need to be adapted to check for
l2tp_session_create()'s return code instead of calling
l2tp_session_find().

pppol2tp_connect() is a bit special because it has to work on existing
sessions (if they're not connected) or to create a new session if none
is found. When acting on a preexisting session, a reference must be
held or it could go away on us. So we have to use l2tp_session_get()
instead of l2tp_session_find() and drop the reference before exiting.

Fixes: d9e31d17ceba ("l2tp: Add L2TP ethernet pseudowire support")
Fixes: fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts")
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
[bwh: Backported to 3.2: add 'pos' parameter to
hlist_for_each_entry{,_rcu}() calls]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

net/l2tp/l2tp_core.c		diff \| blob \| history
net/l2tp/l2tp_eth.c		diff \| blob \| history
net/l2tp/l2tp_ppp.c		diff \| blob \| history