icmp: Fix data-races around sysctl_icmp_echo_enable_probe.

[ Upstream commit 4a2f7083cc6cb72dade9a63699ca352fad26d1cd ]

While reading sysctl_icmp_echo_enable_probe, it can be changed
concurrently.  Thus, we need to add READ_ONCE() to its readers.

Fixes: d329ea5bd884 ("icmp: add response to RFC 8335 PROBE messages")
Fixes: 1fd07f33c3ea ("ipv6: ICMPV6: add response to ICMPV6 RFC 8335 PROBE messages")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index b5766b6..91be441 100644 (file)
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -1034,7 +1034,7 @@ bool icmp_build_probe(struct sk_buff *skb, struct icmphdr *icmphdr)
        u16 ident_len;
        u8 status;
 
-       if (!net->ipv4.sysctl_icmp_echo_enable_probe)
+       if (!READ_ONCE(net->ipv4.sysctl_icmp_echo_enable_probe))
                return false;
 
        /* We currently only support probing interfaces on the proxy node

diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
index 96c5cc0..716e771 100644 (file)
--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -927,7 +927,7 @@ static int icmpv6_rcv(struct sk_buff *skb)
                break;
        case ICMPV6_EXT_ECHO_REQUEST:
                if (!net->ipv6.sysctl.icmpv6_echo_ignore_all &&
-                   net->ipv4.sysctl_icmp_echo_enable_probe)
+                   READ_ONCE(net->ipv4.sysctl_icmp_echo_enable_probe))
                        icmpv6_echo_reply(skb);
                break;