mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-03 07:38:10 +00:00
net/mlx5e: Fix possible race condition in macsec extended packet number update routine
Currenty extended packet number (EPN) update routine is accessing
macsec object without holding the general macsec lock hence facing
a possible race condition when an EPN update occurs while updating
or deleting the SA.
Fix by holding the general macsec lock before accessing the object.
Fixes: 4411a6c0ab
("net/mlx5e: Support MACsec offload extended packet number (EPN)")
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>
This commit is contained in:
parent
94ffd6e0c7
commit
8514e325ef
1 changed files with 3 additions and 0 deletions
|
@ -1536,6 +1536,8 @@ static void macsec_async_event(struct work_struct *work)
|
||||||
|
|
||||||
async_work = container_of(work, struct mlx5e_macsec_async_work, work);
|
async_work = container_of(work, struct mlx5e_macsec_async_work, work);
|
||||||
macsec = async_work->macsec;
|
macsec = async_work->macsec;
|
||||||
|
mutex_lock(&macsec->lock);
|
||||||
|
|
||||||
mdev = async_work->mdev;
|
mdev = async_work->mdev;
|
||||||
obj_id = async_work->obj_id;
|
obj_id = async_work->obj_id;
|
||||||
macsec_sa = get_macsec_tx_sa_from_obj_id(macsec, obj_id);
|
macsec_sa = get_macsec_tx_sa_from_obj_id(macsec, obj_id);
|
||||||
|
@ -1557,6 +1559,7 @@ static void macsec_async_event(struct work_struct *work)
|
||||||
|
|
||||||
out_async_work:
|
out_async_work:
|
||||||
kfree(async_work);
|
kfree(async_work);
|
||||||
|
mutex_unlock(&macsec->lock);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int macsec_obj_change_event(struct notifier_block *nb, unsigned long event, void *data)
|
static int macsec_obj_change_event(struct notifier_block *nb, unsigned long event, void *data)
|
||||||
|
|
Loading…
Reference in a new issue