From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Fri, 18 Feb 2022 10:51:16 +0000 (+0100)
Subject: 4.19-stable patches
X-Git-Tag: v4.9.303~59
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b5ea4a2589f07746ca028bb8d6d3c689542d921a;p=thirdparty%2Fkernel%2Fstable-queue.git

4.19-stable patches

added patches:
	vsock-remove-vsock-from-connected-table-when-connect-is-interrupted-by-a-signal.patch
---

diff --git a/queue-4.19/series b/queue-4.19/series
index db2c4e96c1b..0eea82694a9 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -19,3 +19,4 @@ drm-radeon-fix-backlight-control-on-imac-12-1.patch
 xfrm-don-t-accidentally-set-rto_onlink-in-decode_session4.patch
 taskstats-cleanup-the-use-of-task-exit_code.patch
 mmc-block-fix-read-single-on-recovery-logic.patch
+vsock-remove-vsock-from-connected-table-when-connect-is-interrupted-by-a-signal.patch
diff --git a/queue-4.19/vsock-remove-vsock-from-connected-table-when-connect-is-interrupted-by-a-signal.patch b/queue-4.19/vsock-remove-vsock-from-connected-table-when-connect-is-interrupted-by-a-signal.patch
new file mode 100644
index 00000000000..61acc8c13da
--- /dev/null
+++ b/queue-4.19/vsock-remove-vsock-from-connected-table-when-connect-is-interrupted-by-a-signal.patch
@@ -0,0 +1,46 @@
+From b9208492fcaecff8f43915529ae34b3bcb03877c Mon Sep 17 00:00:00 2001
+From: Seth Forshee <sforshee@digitalocean.com>
+Date: Thu, 17 Feb 2022 08:13:12 -0600
+Subject: vsock: remove vsock from connected table when connect is interrupted by a signal
+
+From: Seth Forshee <sforshee@digitalocean.com>
+
+commit b9208492fcaecff8f43915529ae34b3bcb03877c upstream.
+
+vsock_connect() expects that the socket could already be in the
+TCP_ESTABLISHED state when the connecting task wakes up with a signal
+pending. If this happens the socket will be in the connected table, and
+it is not removed when the socket state is reset. In this situation it's
+common for the process to retry connect(), and if the connection is
+successful the socket will be added to the connected table a second
+time, corrupting the list.
+
+Prevent this by calling vsock_remove_connected() if a signal is received
+while waiting for a connection. This is harmless if the socket is not in
+the connected table, and if it is in the table then removing it will
+prevent list corruption from a double add.
+
+Note for backporting: this patch requires d5afa82c977e ("vsock: correct
+removal of socket from the list"), which is in all current stable trees
+except 4.9.y.
+
+Fixes: d021c344051a ("VSOCK: Introduce VM Sockets")
+Signed-off-by: Seth Forshee <sforshee@digitalocean.com>
+Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
+Link: https://lore.kernel.org/r/20220217141312.2297547-1-sforshee@digitalocean.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/vmw_vsock/af_vsock.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/vmw_vsock/af_vsock.c
++++ b/net/vmw_vsock/af_vsock.c
+@@ -1230,6 +1230,7 @@ static int vsock_stream_connect(struct s
+ 			sk->sk_state = sk->sk_state == TCP_ESTABLISHED ? TCP_CLOSING : TCP_CLOSE;
+ 			sock->state = SS_UNCONNECTED;
+ 			vsock_transport_cancel_pkt(vsk);
++			vsock_remove_connected(vsk);
+ 			goto out_wait;
+ 		} else if (timeout == 0) {
+ 			err = -ETIMEDOUT;