From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-dy1-f177.google.com (mail-dy1-f177.google.com [74.125.82.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A94B3361662 for ; Tue, 16 Jun 2026 12:40:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.125.82.177 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1781613604; cv=none; b=d9pqcTevvifHf8XgiAbGdzm20qlmIzACgy5dh9PYB+4nQdoTmtvNwttKy8a2fCwmqpuKBTS4dP99iMTm1rtqr55Fh0VOjDMuL2gtvLhSCkHaEWY7Fun5SeWejjFS5KD3WR/50XzNkc8HQItNuBz5NCfS0mG0Qm8rW0N66HAHHIY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1781613604; c=relaxed/simple; bh=+qoGij95oCB5Tcj73SYSEIQXpI4gExKhrc1Em04cpas=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=NdCUDYe2IoJcjwWI9/E/STuCBX7D7tJLVqeAplDlcObou4PEYu4xW7l+2+9PSU9vRdPsVBs9dJSnlbgthMre9+7bqbZ+RvegC78BY1J7jKOKn2t7MDzAcwDboPTFmjoIOUg2FznYzAVx9t+IR5y15IUqjT8GcjtpgGPEXsmZCYI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=pEo8i2LW; arc=none smtp.client-ip=74.125.82.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="pEo8i2LW" Received: by mail-dy1-f177.google.com with SMTP id 5a478bee46e88-30bb2df6fbbso1333490eec.0 for ; Tue, 16 Jun 2026 05:40:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1781613603; x=1782218403; darn=vger.kernel.org; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=+qoGij95oCB5Tcj73SYSEIQXpI4gExKhrc1Em04cpas=; b=pEo8i2LWRYoozGPu5oIpXOukzWB/Elcq6XtfxfC2tyRr47iSJC2PG5aoWpB3A7wP45 Flsjf4/D7ahJd/dr8sDScT/0slGgGKOoRNo7Ri35sBqrcPRQWkoqhRtJRTX2KaETNbR/ B4/pRdjZCrDXMtB3kl8qbpIhvJP4MfPUuQmPoFqvtZbI/Px5Po1TagmF6BunWzeZALf3 2UnTdQzgJtfknLPVvkQ1yHVRj0LesSqvCgZik/6xo4MxO8EPhVTQAWRLcdJI5eXtMnky rPcUwF6cgtCRXTwZKZRJ2wCBOgImHacR5A4vTsUAf065+C2+be3qxoVp6dxqK8TUtrSZ hLxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1781613603; x=1782218403; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:x-gm-gg:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=+qoGij95oCB5Tcj73SYSEIQXpI4gExKhrc1Em04cpas=; b=GOPvqubAt4BbxQPJEaUwKMQwX5OXEZD09OsdQ5KL0wfedZB5gHPdVYJmXZoFnfSJkQ e5IF+/lupBenUo3piLT9gqR2mHfxDw15JHlWZprpZgzY8ta0XPPi2HjQzJySTY6Jp4EV LTP+daFN/LfFC0rSCITNYGPi1frcOu9R3hMZyk6hyENkR7jwdOkHjzj2q16+idkaNgC5 vXhKMMMUjYtcuf1ZEzosIaz7q7u3MUGyMqtTb3uTnEp46/CdZpUtvKQZ0icesmLj6OSz eFdKJIE1gINBGRj6KtqFGjXhl+Yhd9JAZGAsWtVEZNac5ZegZ11btxckQx1zm9LVIYVe e8kg== X-Forwarded-Encrypted: i=1; AFNElJ8l4infTuKdgT0UzDs6ijcqrmBC6zAoSQ30vkPeVoc/J2YkG2mYGkJ5GC/fE9ViqDjHWbvfftQ=@vger.kernel.org X-Gm-Message-State: AOJu0Yw/RGfDZxrBhzo19ejF/gk70QNYYzxCLd0IYvCiREHarHQhvzZF eJHUURDX5YHQUz0olERJr8gxkblenk4dilr8HNcsA5JcGx9UIRke1kDv X-Gm-Gg: Acq92OHt8D3/9zIFZupx3t4yRACLUqOVkD4UHU/2gn0LcCuz5hjSwaDJ5CzdWZk2qja /dF8xagfx1ofh+2ZYlK+hs4R3HWuw7We7ZiiPLtR1BhCzP8NCS+LFx7L0FOP3s7RA3vz0oRZgvy KPxRzCDgi339KppndG/LWiiu+ZuFt67ugUIw3kNROspN11inI1haSBPmejj8gGoUVYKB5kbMes2 vweB2eGRMVBechClt83HkVrXrnNbFwPFqJnDllvb6GkWVgaJH7HYPfEENMZZMDk6wG/099Eeu1N P57WlShmal4/baH+pW8VIJq8w/e3y6/RLoCoJvWf59pf70BDbahyaa8Z7TG9cYqbWb8zCBIkQAs cXnM9OijIy1YOXvBZBFJtuZpGLOllCqMnyzR1Zp9sM4xwXNWeK7iKMJjwlMmDrQQ7/J7pN5+tuW /9/CnNZgDDOdkfSmZcykGy43TQIu3EIeQ3dwEwnHiwa4KUd+wInrc= X-Received: by 2002:a05:7300:d10:b0:2ed:e12:3773 with SMTP id 5a478bee46e88-30ba5fb4473mr2390102eec.35.1781613602609; Tue, 16 Jun 2026 05:40:02 -0700 (PDT) Received: from localhost ([198.176.50.157]) by smtp.gmail.com with ESMTPSA id 5a478bee46e88-3081e48bfa7sm18872680eec.5.2026.06.16.05.39.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 16 Jun 2026 05:40:02 -0700 (PDT) Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 16 Jun 2026 20:39:57 +0800 Message-Id: Cc: "Chas Williams" <3chas3@gmail.com>, "David S . Miller" , "Eric Dumazet" , "Paolo Abeni" , "Simon Horman" , , , , "Xiang Mei" Subject: Re: [PATCH v2] atm: fix use-after-free in sigd_put_skb() From: "Weiming Shi" To: "Jakub Kicinski" , "Weiming Shi" X-Mailer: aerc 0.21.0 References: <20260609162107.2865310-2-bestswngs@gmail.com> <20260612161051.2d4df09b@kernel.org> In-Reply-To: <20260612161051.2d4df09b@kernel.org> On Sat Jun 13, 2026 at 7:10 AM CST, Jakub Kicinski wrote: > On Wed, 10 Jun 2026 00:21:08 +0800 Weiming Shi wrote: >> sigd_put_skb() delivers a signalling message to the daemon socket named >> by the global @sigd pointer, ending in a call to sk_data_ready(). It >> reads @sigd with no synchronisation, so it can race with a close of the >> daemon socket: sigd_close() clears @sigd and the socket is then torn >> down and freed. > > Hm, we intend to only retain the portions of the ATM stack which are > still used in PPPoATM and ADSL. I don't believe the signaling stuff=20 > is used there. I will post a patch to delete this code. Thanks, that makes sense to me.=20