* [PATCH net v2] fou: avoid using sk_user_data before it is initialised
@ 2016-05-20  5:57 Simon Horman
  2016-05-20 16:51 ` Cong Wang
  2016-05-23 20:59 ` David Miller
  0 siblings, 2 replies; 5+ messages in thread
From: Simon Horman @ 2016-05-20  5:57 UTC (permalink / raw)
  To: netdev; +Cc: Tom Herbert, Cong Wang

During initialisation sk->sk_user_data should not be used before
it is initialised.

Found by bisection after noticing the following:

$ ip fou add port 8888 ipproto 47
[    0.383417] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[    0.384132] IP: [<ffffffff81327691>] fou_nl_cmd_add_port+0x1e1/0x230
[    0.384707] PGD 1fafc067 PUD 1fb72067 PMD 0
[    0.385110] Oops: 0002 [#1] SMP
[    0.385387] Modules linked in:
[    0.385667] CPU: 0 PID: 55 Comm: ip Not tainted 4.6.0-03623-g0b7962a6c4a3 #430
[    0.386244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_083030-gandalf 04/01/2014
[    0.386244] task: ffff88001fb9cac0 ti: ffff88001fbc8000 task.ti: ffff88001fbc8000
[    0.386244] RIP: 0010:[<ffffffff81327691>]  [<ffffffff81327691>] fou_nl_cmd_add_port+0x1e1/0x230
[    0.386244] RSP: 0018:ffff88001fbcbb78  EFLAGS: 00010246
[    0.386244] RAX: 0000000000000001 RBX: ffff88001fb8eb40 RCX: 000000000000002f
[    0.386244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff880019fcafc0
[    0.386244] RBP: ffff880019fcaf80 R08: ffffffff8130c370 R09: ffff880019fcaf80
[    0.386244] R10: ffff880019e12b8c R11: 0000000000000000 R12: 0000000000000004
[    0.386244] R13: 0000000000000014 R14: ffff88001fb1a300 R15: ffffffff816634c0
[    0.386244] FS:  00007f016eb4d700(0000) GS:ffff88001a200000(0000) knlGS:0000000000000000
[    0.386244] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.386244] CR2: 0000000000000008 CR3: 000000001fb69000 CR4: 00000000000006b0
[    0.386244] Stack:
[    0.386244]  ffff88001faaea24 ffff8800192426c0 00000002002f0001 0000000000000000
[    0.386244]  0000000000000000 0000000000000000 0000000000000000 000000000000b822
[    0.386244]  ffffffff81461480 ffff88001faaea14 0000000000000004 ffffffff812b0e17
[    0.386244] Call Trace:
[    0.386244]  [<ffffffff812b0e17>] ? genl_family_rcv_msg+0x197/0x320
[    0.386244]  [<ffffffff812b0fa0>] ? genl_family_rcv_msg+0x320/0x320
[    0.386244]  [<ffffffff812b1010>] ? genl_rcv_msg+0x70/0xb0
[    0.386244]  [<ffffffff812b01c1>] ? netlink_rcv_skb+0xa1/0xc0
[    0.386244]  [<ffffffff812b0c64>] ? genl_rcv+0x24/0x40
[    0.386244]  [<ffffffff812afb33>] ? netlink_unicast+0x143/0x1d0
[    0.386244]  [<ffffffff812affd6>] ? netlink_sendmsg+0x366/0x390
[    0.386244]  [<ffffffff8110a2a8>] ? rw_copy_check_uvector+0x68/0x110
[    0.386244]  [<ffffffff8126a030>] ? sock_sendmsg+0x10/0x20
[    0.386244]  [<ffffffff8126a661>] ? ___sys_sendmsg+0x1f1/0x200
[    0.386244]  [<ffffffff81110000>] ? pipe_write+0x1a0/0x420
[    0.386244]  [<ffffffff81116c32>] ? do_filp_open+0x92/0xe0
[    0.386244]  [<ffffffff8126b541>] ? __sys_sendmsg+0x41/0x70
[    0.386244]  [<ffffffff8139c81b>] ? entry_SYSCALL_64_fastpath+0x13/0x8f
[    0.386244] Code: 4c 24 12 48 8b 93 28 02 00 00 48 c7 83 68 03 00 00 e0 76 32 81 48 c7 83 78 03 00 00 50 61 32 81 48 c7 83 80 03 00 00 e0 64 32 81 <88> 4a 08 e9 20 ff ff ff 4c 89 e7 bb 8e ff ff ff e8 1a 34 07 00
[    0.386244] RIP  [<ffffffff81327691>] fou_nl_cmd_add_port+0x1e1/0x230
[    0.386244]  RSP <ffff88001fbcbb78>
[    0.386244] CR2: 0000000000000008
[    0.407176] ---[ end trace 13bf0d24a4b7f9c3 ]---

Fixes: d92283e338f6 ("fou: change to use UDP socket GRO")
Signed-off-by: Simon Horman <simon.horman@netronome.com>
---
v2
* Updated implementation to simply access fou->protocol directly
  as suggested by Tom Herbert and Cong Wang
---
 net/ipv4/fou.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/fou.c b/net/ipv4/fou.c
index eeec7d60e5fd..0b7a98336a56 100644
--- a/net/ipv4/fou.c
+++ b/net/ipv4/fou.c
@@ -453,7 +453,7 @@ static int fou_encap_init(struct sock *sk, struct fou *fou, struct fou_cfg *cfg)
 	udp_sk(sk)->encap_rcv = fou_udp_recv;
 	udp_sk(sk)->gro_receive = fou_gro_receive;
 	udp_sk(sk)->gro_complete = fou_gro_complete;
-	fou_from_sock(sk)->protocol = cfg->protocol;
+	fou->protocol = cfg->protocol;
 
 	return 0;
 }
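Review bot: In fou_encap_init(), nothing at the changed assignment says why `fou_from_sock(sk)` must not be used there, so a later cleanup could reintroduce the NULL dereference. A one-line comment above `fou->protocol = cfg->protocol;` stating that sk->sk_user_data is not yet set during init would make the ordering constraint explicit. The changelog would also be stronger if it named where sk_user_data is assigned relative to this call. The oops supports the diagnosis: it is a write fault (Oops: 0002) at CR2 0x8 with RDX zero and RCX 0x2f, which matches the ipproto 47 value being stored through a NULL pointer.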
-- 
2.1.4


* Re: [PATCH net v2] fou: avoid using sk_user_data before it is initialised
  2016-05-20  5:57 [PATCH net v2] fou: avoid using sk_user_data before it is initialised Simon Horman
@ 2016-05-20 16:51 ` Cong Wang
  2016-05-23 20:59 ` David Miller
  1 sibling, 0 replies; 5+ messages in thread
From: Cong Wang @ 2016-05-20 16:51 UTC (permalink / raw)
  To: Simon Horman; +Cc: Linux Kernel Network Developers, Tom Herbert

On Thu, May 19, 2016 at 10:57 PM, Simon Horman
<simon.horman@netronome.com> wrote:
> During initialisation sk->sk_user_data should not be used before
> it is initialised.
>
> Found by bisection after noticing the following:
>
> $ ip fou add port 8888 ipproto 47
>
> Fixes: d92283e338f6 ("fou: change to use UDP socket GRO")
> Signed-off-by: Simon Horman <simon.horman@netronome.com>

Acked-by: Cong Wang <xiyou.wangcong@gmail.com>

Thanks!


* Re: [PATCH net v2] fou: avoid using sk_user_data before it is initialised
  2016-05-20  5:57 [PATCH net v2] fou: avoid using sk_user_data before it is initialised Simon Horman
  2016-05-20 16:51 ` Cong Wang
@ 2016-05-23 20:59 ` David Miller
  2016-05-23 21:05   ` Cong Wang
  1 sibling, 1 reply; 5+ messages in thread
From: David Miller @ 2016-05-23 20:59 UTC (permalink / raw)
  To: simon.horman; +Cc: netdev, tom, xiyou.wangcong

From: Simon Horman <simon.horman@netronome.com>
Date: Fri, 20 May 2016 14:57:17 +0900

> During initialisation sk->sk_user_data should not be used before
> it is initialised.
> 
> Found by bisection after noticing the following:
 ...
> Fixes: d92283e338f6 ("fou: change to use UDP socket GRO")
> Signed-off-by: Simon Horman <simon.horman@netronome.com>
> ---
> v2
> * Updated implementation to simply access fou->protocol directly
>   as suggested by Tom Herbert and Cong Wang

I think this was resolved in another way meanwhile.  If a fix is still
needed, please respin.

Thanks!


* Re: [PATCH net v2] fou: avoid using sk_user_data before it is initialised
  2016-05-23 20:59 ` David Miller
@ 2016-05-23 21:05   ` Cong Wang
  2016-05-24 23:23     ` David Miller
  0 siblings, 1 reply; 5+ messages in thread
From: Cong Wang @ 2016-05-23 21:05 UTC (permalink / raw)
  To: David Miller; +Cc: Simon Horman, Linux Kernel Network Developers, Tom Herbert

On Mon, May 23, 2016 at 1:59 PM, David Miller <davem@davemloft.net> wrote:
> From: Simon Horman <simon.horman@netronome.com>
> Date: Fri, 20 May 2016 14:57:17 +0900
>
>> During initialisation sk->sk_user_data should not be used before
>> it is initialised.
>>
>> Found by bisection after noticing the following:
>  ...
>> Fixes: d92283e338f6 ("fou: change to use UDP socket GRO")
>> Signed-off-by: Simon Horman <simon.horman@netronome.com>
>> ---
>> v2
>> * Updated implementation to simply access fou->protocol directly
>>   as suggested by Tom Herbert and Cong Wang
>
> I think this was resolved in another way meanwhile.  If a fix is still
> needed, please respin.

This fix is only needed for -stable to backport, because Tom's
fix is within a series of patches, which makes it hard to backport.


* Re: [PATCH net v2] fou: avoid using sk_user_data before it is initialised
  2016-05-23 21:05   ` Cong Wang
@ 2016-05-24 23:23     ` David Miller
  0 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2016-05-24 23:23 UTC (permalink / raw)
  To: xiyou.wangcong; +Cc: simon.horman, netdev, tom

From: Cong Wang <xiyou.wangcong@gmail.com>
Date: Mon, 23 May 2016 14:05:17 -0700

> On Mon, May 23, 2016 at 1:59 PM, David Miller <davem@davemloft.net> wrote:
>> From: Simon Horman <simon.horman@netronome.com>
>> Date: Fri, 20 May 2016 14:57:17 +0900
>>
>>> During initialisation sk->sk_user_data should not be used before
>>> it is initialised.
>>>
>>> Found by bisection after noticing the following:
>>  ...
>>> Fixes: d92283e338f6 ("fou: change to use UDP socket GRO")
>>> Signed-off-by: Simon Horman <simon.horman@netronome.com>
>>> ---
>>> v2
>>> * Updated implementation to simply access fou->protocol directly
>>>   as suggested by Tom Herbert and Cong Wang
>>
>> I think this was resolved in another way meanwhile.  If a fix is still
>> needed, please respin.
> 
> This fix is only needed for -stable to backport, because Tom's
> fix is within a series of patches, which makes it hard to backport.

Ok, queued up for -stable.
