When port reuse is enabled in a one-to-one-style socket, sctp_listen()
may call sctp_swap_inpcb_for_listen() to move the PCB out of the "TCP
pool". In so doing it will drop the PCB lock, yielding an LOR since we
now hold several socket locks. Reorder sctp_listen() so that it
performs this operation before beginning the conversion to a listening
I'm not sure why I didn't hit this in my pre-commit testing, as I had
been running syzkaller for quite a while with those changes.
While here, remove a bogus lock upgrade: the PCB lock is just a mutex,
not a reader-writer lock as the macro names imply.
Fixes: bd4a39cc93d9 ("socket: Properly interlock when transitioning to a listening socket")
Reported by: syzkaller