vsock: avoid to assign transport if its initialization fails

If transport->init() fails, we can't assign the transport to the
socket, because it's not initialized correctly, and any future
calls to the transport callbacks would have an unexpected behavior.

Fixes: c0cfa2d8a788 ("vsock: add multi-transports support")
Reported-and-tested-by: syzbot+e2e5c07bf353b2f79daa@syzkaller.appspotmail.com
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Jorgen Hansen <jhansen@vmware.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index cc86598..74db4cd 100644 (file)
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af_vsock.c
@@ -412,6 +412,7 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk)
        const struct vsock_transport *new_transport;
        struct sock *sk = sk_vsock(vsk);
        unsigned int remote_cid = vsk->remote_addr.svm_cid;
+       int ret;
 
        switch (sk->sk_type) {
        case SOCK_DGRAM:
@@ -443,9 +444,15 @@ int vsock_assign_transport(struct vsock_sock *vsk, struct vsock_sock *psk)
        if (!new_transport || !try_module_get(new_transport->module))
                return -ENODEV;
 
+       ret = new_transport->init(vsk, psk);
+       if (ret) {
+               module_put(new_transport->module);
+               return ret;
+       }
+
        vsk->transport = new_transport;
 
-       return vsk->transport->init(vsk, psk);
+       return 0;
 }
 EXPORT_SYMBOL_GPL(vsock_assign_transport);