Tetsuo Handa 46cea215dc can: j1939: make j1939_sk_bind() fail if device is no longer registered ... There is a theoretical race window in j1939_sk_netdev_event_unregister() where two j1939_sk_bind() calls jump in between read_unlock_bh() and lock_sock(). The assumption jsk->priv == priv can fail if the first j1939_sk_bind() call once made jsk->priv == NULL due to failed j1939_local_ecu_get() call and the second j1939_sk_bind() call again made jsk->priv != NULL due to successful j1939_local_ecu_get() call. Since the socket lock is held by both j1939_sk_netdev_event_unregister() and j1939_sk_bind(), checking ndev->reg_state with the socket lock held can reliably make the second j1939_sk_bind() call fail (and close this race window). Fixes: 7fcbe5b2c6 ("can: j1939: implement NETDEV_UNREGISTER notification handler") Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Oleksij Rempel <o.rempel@pengutronix.de> Link: https://patch.msgid.link/5732921e-247e-4957-a364-da74bd7031d7@I-love.SAKURA.ne.jp Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>		2025-12-17 10:47:33 +01:00
..
j1939	can: j1939: make j1939_sk_bind() fail if device is no longer registered	2025-12-17 10:47:33 +01:00
Kconfig	can: fix build dependency	2025-12-10 09:19:34 +01:00
Makefile	can: add ISO 15765-2:2016 transport protocol	2020-10-07 23:18:33 +02:00
af_can.c	can: annotate mtu accesses with READ_ONCE()	2025-09-23 10:04:58 +02:00
af_can.h	can: statistics: use atomic access in hot path	2025-03-14 09:47:00 +01:00
bcm.c	net: Convert proto_ops connect() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
gw.c	can: gw: fix RCU/BH usage in cgw_create_job()	2025-05-06 15:55:36 +02:00
isotp.c	net: Convert proto_ops bind() callbacks to use sockaddr_unsized	2025-11-04 19:10:32 -08:00
proc.c	treewide, timers: Rename from_timer() to timer_container_of()	2025-06-08 09:07:37 +02:00
raw.c	can: raw: instantly reject unsupported CAN frames	2025-11-26 11:20:44 +01:00