diff options
| author | Alexander Potapenko <glider@google.com> | 2017-03-21 12:14:27 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-03-22 15:40:22 -0400 |
| commit | d515684d78148884d5fc425ba904c50f03844020 (patch) | |
| tree | 9b48522dd41d5e36f4af6fe13de70f1d7a48931d /net/ipv6 | |
| parent | 1b33c0d2a1885b64dbd9e4c4513b8051c4d984c9 (diff) | |
ipv6: make sure to initialize sockc.tsflags before first use
In the case udp_sk(sk)->pending is AF_INET6, udpv6_sendmsg() would
jump to do_append_data, skipping the initialization of sockc.tsflags.
Fix the problem by moving sockc.tsflags initialization earlier.
The bug was detected with KMSAN.
Fixes: c14ac9451c34 ("sock: enable timestamping using control messages")
Signed-off-by: Alexander Potapenko <glider@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/udp.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index 4e4c401e3bc6..e28082f0a307 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c | |||
| @@ -1035,6 +1035,7 @@ int udpv6_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) | |||
| 1035 | ipc6.hlimit = -1; | 1035 | ipc6.hlimit = -1; |
| 1036 | ipc6.tclass = -1; | 1036 | ipc6.tclass = -1; |
| 1037 | ipc6.dontfrag = -1; | 1037 | ipc6.dontfrag = -1; |
| 1038 | sockc.tsflags = sk->sk_tsflags; | ||
| 1038 | 1039 | ||
| 1039 | /* destination address check */ | 1040 | /* destination address check */ |
| 1040 | if (sin6) { | 1041 | if (sin6) { |
| @@ -1159,7 +1160,6 @@ do_udp_sendmsg: | |||
| 1159 | 1160 | ||
| 1160 | fl6.flowi6_mark = sk->sk_mark; | 1161 | fl6.flowi6_mark = sk->sk_mark; |
| 1161 | fl6.flowi6_uid = sk->sk_uid; | 1162 | fl6.flowi6_uid = sk->sk_uid; |
| 1162 | sockc.tsflags = sk->sk_tsflags; | ||
| 1163 | 1163 | ||
| 1164 | if (msg->msg_controllen) { | 1164 | if (msg->msg_controllen) { |
| 1165 | opt = &opt_space; | 1165 | opt = &opt_space; |