From: Stefan Raspl <raspl@linux.ibm.com>
Subject: net/smc: no shutdown in state SMC_LISTEN
Patch-mainline: v4.18
Git-commit: caa21e19e08d7a1445116a93f7ab4e187ebbbadb
References: FATE#325698, LTC#167867, bsc#1113481

Description:  smc: Latest upstream fixes and extensions up to 8/17/2018

Upstream-Description:

              net/smc: no shutdown in state SMC_LISTEN

              Invoking shutdown for a socket in state SMC_LISTEN does not make
              sense. Nevertheless programs like syzbot fuzzing the kernel may
              try to do this. For SMC this means a socket refcounting problem.
              This patch makes sure a shutdown call for an SMC socket in state
              SMC_LISTEN simply returns with -ENOTCONN.

              Signed-off-by: Ursula Braun <ubraun@linux.ibm.com>
              Signed-off-by: David S. Miller <davem@davemloft.net>

Signed-off-by: Stefan Raspl <raspl@linux.ibm.com>
Acked-by: Petr Tesarik <ptesarik@suse.com>
---
 net/smc/af_smc.c |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

--- a/net/smc/af_smc.c
+++ b/net/smc/af_smc.c
@@ -1398,8 +1398,7 @@ static int smc_shutdown(struct socket *s
 	lock_sock(sk);
 
 	rc = -ENOTCONN;
-	if ((sk->sk_state != SMC_LISTEN) &&
-	    (sk->sk_state != SMC_ACTIVE) &&
+	if ((sk->sk_state != SMC_ACTIVE) &&
 	    (sk->sk_state != SMC_PEERCLOSEWAIT1) &&
 	    (sk->sk_state != SMC_PEERCLOSEWAIT2) &&
 	    (sk->sk_state != SMC_APPCLOSEWAIT1) &&