From mboxrd@z Thu Jan  1 00:00:00 1970
From: Cong Wang <xiyou.wangcong@gmail.com>
Subject: Re: [PATCH net] sch_sfq: fix null pointer dereference at timer expiration
Date: Tue, 28 Nov 2017 09:50:40 -0800
Message-ID: <CAM_iQpX3qXKkOZES2MALZhj8MQt4z7zLteNSP9vP104=NjpUfw@mail.gmail.com>
References: <3ae7106da7369ffc1f36c09bdd2778b52d1d488a.1511875582.git.pabeni@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Cc: Linux Kernel Network Developers <netdev@vger.kernel.org>,
        Jamal Hadi Salim <jhs@mojatatu.com>,
        Jiri Pirko <jiri@resnulli.us>,
        "David S. Miller" <davem@davemloft.net>,
        Kees Cook <keescook@chromium.org>
To: Paolo Abeni <pabeni@redhat.com>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mail-pf0-f196.google.com ([209.85.192.196]:34755 "EHLO
        mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753164AbdK1RvC (ORCPT
        <rfc822;netdev@vger.kernel.org>); Tue, 28 Nov 2017 12:51:02 -0500
Received: by mail-pf0-f196.google.com with SMTP id a90so260224pfk.1
        for <netdev@vger.kernel.org>; Tue, 28 Nov 2017 09:51:01 -0800 (PST)
In-Reply-To: <3ae7106da7369ffc1f36c09bdd2778b52d1d488a.1511875582.git.pabeni@redhat.com>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On Tue, Nov 28, 2017 at 5:28 AM, Paolo Abeni <pabeni@redhat.com> wrote:
> While converting sch_sfq to use timer_setup(), the commit cdeabbb88134
> ("net: sched: Convert timers to use timer_setup()") forgot to
> initialize the 'sch' field. As a result, the timer callback tries to
> dereference a NULL pointer, and the kernel does oops.
>
> Fix it initializing such field at qdisc creation time.
>
> Fixes: cdeabbb88134 ("net: sched: Convert timers to use timer_setup()")
> Signed-off-by: Paolo Abeni <pabeni@redhat.com>

Acked-by: Cong Wang <xiyou.wangcong@gmail.com>