From patchwork Wed Mar 27 00:18:35 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yuxuan Luo <yuxuan.luo@canonical.com>
X-Patchwork-Id: 1916460
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com
 (client-ip=185.125.189.65; helo=lists.ubuntu.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com;
 receiver=patchwork.ozlabs.org)
Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4V46jh4F5xz23sQ
	for <incoming@patchwork.ozlabs.org>; Wed, 27 Mar 2024 11:19:20 +1100 (AEDT)
Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com)
	by lists.ubuntu.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1rpH0a-0005G9-Pu; Wed, 27 Mar 2024 00:19:12 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.86_2) (envelope-from <yuxuan.luo@canonical.com>)
 id 1rpH0X-0005FS-Et
 for kernel-team@lists.ubuntu.com; Wed, 27 Mar 2024 00:19:09 +0000
Received: from mail-pl1-f197.google.com (mail-pl1-f197.google.com
 [209.85.214.197])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 3DD443F285
 for <kernel-team@lists.ubuntu.com>; Wed, 27 Mar 2024 00:19:09 +0000 (UTC)
Received: by mail-pl1-f197.google.com with SMTP id
 d9443c01a7336-1e0ac20246bso29124705ad.3
 for <kernel-team@lists.ubuntu.com>; Tue, 26 Mar 2024 17:19:09 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1711498747; x=1712103547;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=T8Jr/UHdpOTwNgrL0H9/x1G9huhlKTdVK61bu43KXVg=;
 b=CRka8eB8S2ZkKURuAYSs09FfS9/CkinLbjmL9TVBVUl4wHmW3Lis6KLIUKyB3V4Zer
 tlEQxCmnb7qmQUbBd2W5Qh5nWbMKHRCfkMVbVYlBe2DrIofnIwQBHn1v0+4u7eExuEc0
 Ie2G+dnkAm0tr7HZ61VG7MIOT7ACDWehpaRyy5yGA3JsS+SvqC5iMvMbRXB3tw3/PQby
 /lQBs2bv8iNtWkLKy3DV8y15CK84S4dUgDdG/VabE5yx6Djqmf55YKaAC2Q56Oy5Gj1L
 aKOWHPcQ1UV/XnYBPyyPc8UjFcS8Kdx+Wff0rOmVUc0D6ReoAI67zVaZ/Tk96lMbWbv5
 gZoQ==
X-Gm-Message-State: AOJu0YwztH7oP0v7m9Z+uJodO7HsgyDDoduu2m5c/uUmGPCNqC6HSBB9
 ctVibqs9U6ELhSj3ITFed61eD3Rv8hCq/VX8fqgCbnYi3lyPNYXoH1m/rGkt3ojSovz5OzWb7Yq
 aeoZFdwsjfTjcvWzF/Vpk50RRycOjVs0eGm3eG4iyaPwWJN4F3aQ8j6ceJDYU1YGt+pcq+CEach
 nSpYlkflJsmu4K
X-Received: by 2002:a17:902:e5ce:b0:1e0:b574:421c with SMTP id
 u14-20020a170902e5ce00b001e0b574421cmr3235340plf.44.1711498746880;
 Tue, 26 Mar 2024 17:19:06 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IFN59pEB62ALylevTsBOyaPk67neqqhKUjtBEU5KVr0UlWoWQ3/zaHjUEjFLIIN4Y9I7OizUA==
X-Received: by 2002:a17:902:e5ce:b0:1e0:b574:421c with SMTP id
 u14-20020a170902e5ce00b001e0b574421cmr3235325plf.44.1711498746571;
 Tue, 26 Mar 2024 17:19:06 -0700 (PDT)
Received: from localhost.localdomain ([2001:67c:1562:8007::aac:4795])
 by smtp.gmail.com with ESMTPSA id
 x11-20020a170902a38b00b001defa98b03fsm7663468pla.101.2024.03.26.17.19.04
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 26 Mar 2024 17:19:06 -0700 (PDT)
From: Yuxuan Luo <yuxuan.luo@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F/J/M][PATCH 2/2] UBUNTU: SAUCE: af_unix: fix lockdep positive
 in sk_diag_dump_icons()
Date: Tue, 26 Mar 2024 20:18:35 -0400
Message-Id: <20240327001835.104772-3-yuxuan.luo@canonical.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240327001835.104772-1-yuxuan.luo@canonical.com>
References: <20240327001835.104772-1-yuxuan.luo@canonical.com>
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

[ upstream commit 4d322dce82a1d44f8c83f0f54f95dd1b8dcf46c9 ]

The 4d322dce82a1 ("af_unix: fix lockdep positive in
sk_diag_dump_icons()") commit modifies unix_state_lock_nested() which is
copied to security/apparmor/af_unix.c. This commit synchronizes this
change.

CVE-2024-26624
Signed-off-by: Yuxuan Luo <yuxuan.luo@canonical.com>
---
 security/apparmor/af_unix.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/security/apparmor/af_unix.c b/security/apparmor/af_unix.c
index 06d6946990b91..d9344ee66af9d 100644
--- a/security/apparmor/af_unix.c
+++ b/security/apparmor/af_unix.c
@@ -578,13 +578,11 @@ static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
 		unix_state_lock(sk1);
 		return;
 	}
-	if (sk1 < sk2) {
-		unix_state_lock(sk1);
-		unix_state_lock_nested(sk2);
-	} else {
-		unix_state_lock(sk2);
-		unix_state_lock_nested(sk1);
-	}
+	if (sk1 > sk2)
+		swap(sk1, sk2);
+
+	unix_state_lock(sk1);
+	unix_state_lock_nested(sk2, U_LOCK_SECOND);
 }
 
 static void unix_state_double_unlock(struct sock *sk1, struct sock *sk2)