* [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree
@ 2018-10-18 20:38 Christoph Paasch
2018-10-18 22:43 ` David Miller
0 siblings, 1 reply; 5+ messages in thread
From: Christoph Paasch @ 2018-10-18 20:38 UTC (permalink / raw)
To: netdev, stable, David Miller, gregkh
Cc: Stephen Hemminger, Eric Dumazet, Soheil Hassas Yeganeh, Wei Wang,
Willem de Bruijn
Upstream commit bffa72cf7f9d ("net: sk_buff rbnode reorg") got
backported as commit 6b921536f170 ("net: sk_buff rbnode reorg") into the
v4.14.x-tree.
However, the backport does not include the changes in sch_netem.c
We need these, as otherwise the skb->dev pointer is not set when
dequeueing from the netem rbtree, resulting in a panic:
[ 15.427748] BUG: unable to handle kernel NULL pointer dereference at 00000000000000d0
[ 15.428863] IP: netif_skb_features+0x24/0x230
[ 15.429402] PGD 0 P4D 0
[ 15.429733] Oops: 0000 [#1] SMP PTI
[ 15.430169] Modules linked in:
[ 15.430614] CPU: 3 PID: 0 Comm: swapper/3 Not tainted 4.14.77.mptcp #77
[ 15.431497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.5.1 01/01/2011
[ 15.432568] task: ffff88042db19680 task.stack: ffffc90000070000
[ 15.433356] RIP: 0010:netif_skb_features+0x24/0x230
[ 15.433977] RSP: 0018:ffff88043fd83e70 EFLAGS: 00010286
[ 15.434665] RAX: ffff880429ad80c0 RBX: ffff88042bd0e400 RCX: ffff880429ad8000
[ 15.435585] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88042bd0e400
[ 15.436551] RBP: ffff88042bd0e400 R08: ffff88042a4b6c9c R09: 0000000000000001
[ 15.437485] R10: 0000000000000004 R11: 0000000000000000 R12: ffff88042c700000
[ 15.438393] R13: ffff88042c700000 R14: ffff88042a4b6c00 R15: ffff88042c6bb000
[ 15.439315] FS: 0000000000000000(0000) GS:ffff88043fd80000(0000) knlGS:0000000000000000
[ 15.440314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 15.441084] CR2: 00000000000000d0 CR3: 000000042c374000 CR4: 00000000000006e0
[ 15.442016] Call Trace:
[ 15.442333] <IRQ>
[ 15.442596] validate_xmit_skb+0x17/0x270
[ 15.443134] validate_xmit_skb_list+0x38/0x60
[ 15.443698] sch_direct_xmit+0x102/0x190
[ 15.444198] __qdisc_run+0xe3/0x240
[ 15.444671] net_tx_action+0x121/0x140
[ 15.445177] __do_softirq+0xe2/0x224
[ 15.445654] irq_exit+0xbf/0xd0
[ 15.446072] smp_apic_timer_interrupt+0x5d/0x90
[ 15.446654] apic_timer_interrupt+0x7d/0x90
[ 15.447185] </IRQ>
[ 15.447460] RIP: 0010:native_safe_halt+0x2/0x10
[ 15.447992] RSP: 0018:ffffc90000073f10 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff10
[ 15.449008] RAX: ffffffff816667d0 RBX: ffffffff820946b0 RCX: 0000000000000000
[ 15.449895] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 15.450768] RBP: ffffffff82026940 R08: 00000004e858e5e1 R09: ffff88042a4b6d58
[ 15.451643] R10: 0000000000000000 R11: 000000d0d56879bb R12: 0000000000000000
[ 15.452478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 15.453340] ? __sched_text_end+0x2/0x2
[ 15.453835] default_idle+0xf/0x20
[ 15.454259] do_idle+0x170/0x200
[ 15.454653] cpu_startup_entry+0x14/0x20
[ 15.455142] secondary_startup_64+0xa5/0xb0
[ 15.455715] Code: 1f 84 00 00 00 00 00 55 53 48 89 fd 48 83 ec 08 8b 87 bc 00 00 00 48 8b 8f c0 00 00 00 0f b6 97 81 00 00 00 48 8b 77 10 48 01 c8 <48> 8b 9
[ 15.458138] RIP: netif_skb_features+0x24/0x230 RSP: ffff88043fd83e70
[ 15.458933] CR2: 00000000000000d0
[ 15.459352] ---[ end trace 083925903ae60570 ]---
Fixes: 6b921536f170 ("net: sk_buff rbnode reorg")
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Soheil Hassas Yeganeh <soheil@google.com>
Cc: Wei Wang <weiwan@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Signed-off-by: Christoph Paasch <cpaasch@apple.com>
---
Notes:
This patch should only make it into v4.14-stable as that's the only branch where
the offending commit has been backported to.
net/sched/sch_netem.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c
index 2a2ab6bfe5d8..3d325b840802 100644
--- a/net/sched/sch_netem.c
+++ b/net/sched/sch_netem.c
@@ -624,6 +624,10 @@ static struct sk_buff *netem_dequeue(struct Qdisc *sch)
skb->next = NULL;
skb->prev = NULL;
skb->tstamp = netem_skb_cb(skb)->tstamp_save;
+ /* skb->dev shares skb->rbnode area,
+ * we need to restore its value.
+ */
+ skb->dev = qdisc_dev(sch);
#ifdef CONFIG_NET_CLS_ACT
/*
--
2.16.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree
2018-10-18 20:38 [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree Christoph Paasch
@ 2018-10-18 22:43 ` David Miller
2018-10-30 19:12 ` Eduardo Valentin
0 siblings, 1 reply; 5+ messages in thread
From: David Miller @ 2018-10-18 22:43 UTC (permalink / raw)
To: cpaasch
Cc: netdev, stable, gregkh, stephen, edumazet, soheil, weiwan, willemb
From: Christoph Paasch <cpaasch@apple.com>
Date: Thu, 18 Oct 2018 13:38:40 -0700
> Upstream commit bffa72cf7f9d ("net: sk_buff rbnode reorg") got
> backported as commit 6b921536f170 ("net: sk_buff rbnode reorg") into the
> v4.14.x-tree.
>
> However, the backport does not include the changes in sch_netem.c
>
> We need these, as otherwise the skb->dev pointer is not set when
> dequeueing from the netem rbtree, resulting in a panic:
...
> Fixes: 6b921536f170 ("net: sk_buff rbnode reorg")
> Cc: Stephen Hemminger <stephen@networkplumber.org>
> Cc: Eric Dumazet <edumazet@google.com>
> Cc: Soheil Hassas Yeganeh <soheil@google.com>
> Cc: Wei Wang <weiwan@google.com>
> Cc: Willem de Bruijn <willemb@google.com>
> Signed-off-by: Christoph Paasch <cpaasch@apple.com>
> ---
>
> Notes:
> This patch should only make it into v4.14-stable as that's the only branch where
> the offending commit has been backported to.
Greg, please queue up.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree
2018-10-18 22:43 ` David Miller
@ 2018-10-30 19:12 ` Eduardo Valentin
2018-10-31 13:44 ` Sasha Levin
0 siblings, 1 reply; 5+ messages in thread
From: Eduardo Valentin @ 2018-10-30 19:12 UTC (permalink / raw)
To: David Miller, gregkh
Cc: cpaasch, netdev, stable, stephen, luqia, edumazet, soheil,
weiwan, willemb
Greg,
On Thu, Oct 18, 2018 at 03:43:48PM -0700, David Miller wrote:
> From: Christoph Paasch <cpaasch@apple.com>
> Date: Thu, 18 Oct 2018 13:38:40 -0700
>
> > Upstream commit bffa72cf7f9d ("net: sk_buff rbnode reorg") got
> > backported as commit 6b921536f170 ("net: sk_buff rbnode reorg") into the
> > v4.14.x-tree.
> >
> > However, the backport does not include the changes in sch_netem.c
> >
> > We need these, as otherwise the skb->dev pointer is not set when
> > dequeueing from the netem rbtree, resulting in a panic:
> ...
> > Fixes: 6b921536f170 ("net: sk_buff rbnode reorg")
> > Cc: Stephen Hemminger <stephen@networkplumber.org>
> > Cc: Eric Dumazet <edumazet@google.com>
> > Cc: Soheil Hassas Yeganeh <soheil@google.com>
> > Cc: Wei Wang <weiwan@google.com>
> > Cc: Willem de Bruijn <willemb@google.com>
> > Signed-off-by: Christoph Paasch <cpaasch@apple.com>
> > ---
> >
> > Notes:
> > This patch should only make it into v4.14-stable as that's the only branch where
> > the offending commit has been backported to.
>
> Greg, please queue up.
Are you planing to queue this one ?
Looks to me it was a miss on the backport.
It seams that the backport was touching different files, and missed the change
on net/sched/sch_netem.c. So, to me, even if this patch may not follow the
strictly the rules of stable, as it is not a patch in upstream, seams to be a
needed change, even if it is specific to stable linux-4.14.y.
>
--
All the best,
Eduardo Valentin
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree
2018-10-30 19:12 ` Eduardo Valentin
@ 2018-10-31 13:44 ` Sasha Levin
0 siblings, 0 replies; 5+ messages in thread
From: Sasha Levin @ 2018-10-31 13:44 UTC (permalink / raw)
To: Eduardo Valentin
Cc: David Miller, gregkh, cpaasch, netdev, stable, stephen, luqia,
edumazet, soheil, weiwan, willemb
On Tue, Oct 30, 2018 at 12:12:51PM -0700, Eduardo Valentin wrote:
>Greg,
>
>On Thu, Oct 18, 2018 at 03:43:48PM -0700, David Miller wrote:
>> From: Christoph Paasch <cpaasch@apple.com>
>> Date: Thu, 18 Oct 2018 13:38:40 -0700
>>
>> > Upstream commit bffa72cf7f9d ("net: sk_buff rbnode reorg") got
>> > backported as commit 6b921536f170 ("net: sk_buff rbnode reorg") into the
>> > v4.14.x-tree.
>> >
>> > However, the backport does not include the changes in sch_netem.c
>> >
>> > We need these, as otherwise the skb->dev pointer is not set when
>> > dequeueing from the netem rbtree, resulting in a panic:
>> ...
>> > Fixes: 6b921536f170 ("net: sk_buff rbnode reorg")
>> > Cc: Stephen Hemminger <stephen@networkplumber.org>
>> > Cc: Eric Dumazet <edumazet@google.com>
>> > Cc: Soheil Hassas Yeganeh <soheil@google.com>
>> > Cc: Wei Wang <weiwan@google.com>
>> > Cc: Willem de Bruijn <willemb@google.com>
>> > Signed-off-by: Christoph Paasch <cpaasch@apple.com>
>> > ---
>> >
>> > Notes:
>> > This patch should only make it into v4.14-stable as that's the only branch where
>> > the offending commit has been backported to.
>>
>> Greg, please queue up.
>
>Are you planing to queue this one ?
>
>Looks to me it was a miss on the backport.
>
>It seams that the backport was touching different files, and missed the change
>on net/sched/sch_netem.c. So, to me, even if this patch may not follow the
>strictly the rules of stable, as it is not a patch in upstream, seams to be a
>needed change, even if it is specific to stable linux-4.14.y.
I've queued this patch for 4.14.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree
@ 2018-10-31 13:44 ` Sasha Levin
0 siblings, 0 replies; 5+ messages in thread
From: Sasha Levin @ 2018-10-31 13:44 UTC (permalink / raw)
To: Eduardo Valentin
Cc: David Miller, gregkh, cpaasch, netdev, stable, stephen, luqia,
edumazet, soheil, weiwan, willemb
On Tue, Oct 30, 2018 at 12:12:51PM -0700, Eduardo Valentin wrote:
>Greg,
>
>On Thu, Oct 18, 2018 at 03:43:48PM -0700, David Miller wrote:
>> From: Christoph Paasch <cpaasch@apple.com>
>> Date: Thu, 18 Oct 2018 13:38:40 -0700
>>
>> > Upstream commit bffa72cf7f9d ("net: sk_buff rbnode reorg") got
>> > backported as commit 6b921536f170 ("net: sk_buff rbnode reorg") into the
>> > v4.14.x-tree.
>> >
>> > However, the backport does not include the changes in sch_netem.c
>> >
>> > We need these, as otherwise the skb->dev pointer is not set when
>> > dequeueing from the netem rbtree, resulting in a panic:
>> ...
>> > Fixes: 6b921536f170 ("net: sk_buff rbnode reorg")
>> > Cc: Stephen Hemminger <stephen@networkplumber.org>
>> > Cc: Eric Dumazet <edumazet@google.com>
>> > Cc: Soheil Hassas Yeganeh <soheil@google.com>
>> > Cc: Wei Wang <weiwan@google.com>
>> > Cc: Willem de Bruijn <willemb@google.com>
>> > Signed-off-by: Christoph Paasch <cpaasch@apple.com>
>> > ---
>> >
>> > Notes:
>> > This patch should only make it into v4.14-stable as that's the only branch where
>> > the offending commit has been backported to.
>>
>> Greg, please queue up.
>
>Are you planing to queue this one ?
>
>Looks to me it was a miss on the backport.
>
>It seams that the backport was touching different files, and missed the change
>on net/sched/sch_netem.c. So, to me, even if this patch may not follow the
>strictly the rules of stable, as it is not a patch in upstream, seams to be a
>needed change, even if it is specific to stable linux-4.14.y.
I've queued this patch for 4.14.
--
Thanks,
Sasha
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-10-31 22:42 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-18 20:38 [PATCH v4.14-stable] sch_netem: restore skb->dev after dequeuing from the rbtree Christoph Paasch
2018-10-18 22:43 ` David Miller
2018-10-30 19:12 ` Eduardo Valentin
2018-10-31 13:44 ` Sasha Levin
2018-10-31 13:44 ` Sasha Levin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.