From: patchwork-bot+netdevbpf@kernel.org
To: =?utf-8?q?Nicol=C3=B2_Coccia_=3Cn=2Ecoccia96=40gmail=2Ecom=3E?=@aws-us-west-2-korg-oddjob-rhel9-1.codeaurora.org
Cc: alibuda@linux.alibaba.com, dust.li@linux.alibaba.com,
sidraya@linux.ibm.com, wenjia@linux.ibm.com,
mjambigi@linux.ibm.com, tonylu@linux.alibaba.com,
guwen@linux.alibaba.com, linux-rdma@vger.kernel.org,
linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, nicolo.coccia@leonardo.com
Subject: Re: [PATCH v3] net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS
Date: Wed, 13 May 2026 03:45:16 +0000 [thread overview]
Message-ID: <177864391679.3173643.11650967377034857635.git-patchwork-notify@kernel.org> (raw)
In-Reply-To: <20260510163414.16651-1-n.coccia96@gmail.com>
Hello:
This patch was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@kernel.org>:
On Sun, 10 May 2026 12:34:13 -0400 you wrote:
> A logic flaw in __smc_setsockopt() allows a local unprivileged user to
> cause a Denial of Service (DoS) by holding the socket lock indefinitely.
>
> The function __smc_setsockopt() calls copy_from_sockptr() while holding
> lock_sock(sk). By passing a userfaultfd-monitored memory page (or
> FUSE-backed memory on systems where unprivileged userfaultfd is disabled)
> as the optval, an attacker can halt execution during the copy operation,
> keeping the lock held.
>
> [...]
Here is the summary with links:
- [v3] net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS
https://git.kernel.org/netdev/net/c/a3fdd924d88c
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
prev parent reply other threads:[~2026-05-13 3:46 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-10 16:34 [PATCH v3] net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS Nicolò Coccia
2026-05-11 1:47 ` Dust Li
2026-05-13 3:45 ` patchwork-bot+netdevbpf [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=177864391679.3173643.11650967377034857635.git-patchwork-notify@kernel.org \
--to=patchwork-bot+netdevbpf@kernel.org \
--cc==?utf-8?q?Nicol=C3=B2_Coccia_=3Cn=2Ecoccia96=40gmail=2Ecom=3E?=@aws-us-west-2-korg-oddjob-rhel9-1.codeaurora.org \
--cc=alibuda@linux.alibaba.com \
--cc=dust.li@linux.alibaba.com \
--cc=guwen@linux.alibaba.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mjambigi@linux.ibm.com \
--cc=netdev@vger.kernel.org \
--cc=nicolo.coccia@leonardo.com \
--cc=sidraya@linux.ibm.com \
--cc=tonylu@linux.alibaba.com \
--cc=wenjia@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.