CVE-2024-57903

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: restrict SO_REUSEPORT to inet sockets<br /> <br /> After blamed commit, crypto sockets could accidentally be destroyed<br /> from RCU call back, as spotted by zyzbot [1].<br /> <br /> Trying to acquire a mutex in RCU callback is not allowed.<br /> <br /> Restrict SO_REUSEPORT socket option to inet sockets.<br /> <br /> v1 of this patch supported TCP, UDP and SCTP sockets,<br /> but fcnal-test.sh test needed RAW and ICMP support.<br /> <br /> [1]<br /> BUG: sleeping function called from invalid context at kernel/locking/mutex.c:562<br /> in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 24, name: ksoftirqd/1<br /> preempt_count: 100, expected: 0<br /> RCU nest depth: 0, expected: 0<br /> 1 lock held by ksoftirqd/1/24:<br /> #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]<br /> #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2561 [inline]<br /> #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xa37/0x17a0 kernel/rcu/tree.c:2823<br /> Preemption disabled at:<br /> [] softirq_handle_begin kernel/softirq.c:402 [inline]<br /> [] handle_softirqs+0x128/0x9b0 kernel/softirq.c:537<br /> CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc3-syzkaller-00174-ga024e377efed #0<br /> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024<br /> Call Trace:<br /> <br /> __dump_stack lib/dump_stack.c:94 [inline]<br /> dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120<br /> __might_resched+0x5d4/0x780 kernel/sched/core.c:8758<br /> __mutex_lock_common kernel/locking/mutex.c:562 [inline]<br /> __mutex_lock+0x131/0xee0 kernel/locking/mutex.c:735<br /> crypto_put_default_null_skcipher+0x18/0x70 crypto/crypto_null.c:179<br /> aead_release+0x3d/0x50 crypto/algif_aead.c:489<br /> alg_do_release crypto/af_alg.c:118 [inline]<br /> alg_sock_destruct+0x86/0xc0 crypto/af_alg.c:502<br /> __sk_destruct+0x58/0x5f0 net/core/sock.c:2260<br /> rcu_do_batch kernel/rcu/tree.c:2567 [inline]<br /> rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823<br /> handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561<br /> run_ksoftirqd+0xca/0x130 kernel/softirq.c:950<br /> smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164<br /> kthread+0x2f0/0x390 kernel/kthread.c:389<br /> ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147<br /> ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244<br />