From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751559Ab2AZGOo (ORCPT ); Thu, 26 Jan 2012 01:14:44 -0500 Received: from mail-we0-f174.google.com ([74.125.82.174]:42852 "EHLO mail-we0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751318Ab2AZGOY (ORCPT ); Thu, 26 Jan 2012 01:14:24 -0500 Message-ID: <1327558458.2605.23.camel@edumazet-laptop> Subject: Re: [PATCH net] caif: Fix crash due to uninitialized net name-space. From: Eric Dumazet To: Sjur =?ISO-8859-1?Q?Br=E6ndeland?= Cc: levinsasha928@gmail.com, netdev@vger.kernel.org, davem@davemloft.net, linux-kernel@vger.kernel.org, davej@redhat.com, sjurbren@gmail.com Date: Thu, 26 Jan 2012 07:14:18 +0100 In-Reply-To: <1327523631-3480-1-git-send-email-sjur.brandeland@stericsson.com> References: <1327523631-3480-1-git-send-email-sjur.brandeland@stericsson.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.2.2- Content-Transfer-Encoding: 8bit Mime-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Le mercredi 25 janvier 2012 à 21:33 +0100, Sjur Brændeland a écrit : > net_generic() calls BUG_ON() if called with uninitialized > network name-space. Add check if net is initialized before > calling net_generic(). This fixes the following oops: > > [ 200.752016] kernel BUG at include/net/netns/generic.h:40! > ... > [ 200.752016] [] ? get_cfcnfg+0x3a/0x180 > [ 200.752016] [] ? lockdep_rtnl_is_held+0x10/0x20 > [ 200.752016] [] caif_device_notify+0x2e/0x530 > [ 200.752016] [] notifier_call_chain+0x67/0x110 > [ 200.752016] [] raw_notifier_call_chain+0x11/0x20 > [ 200.752016] [] call_netdevice_notifiers+0x32/0x60 > [ 200.752016] [] register_netdevice+0x196/0x300 > [ 200.752016] [] register_netdev+0x19/0x30 > [ 200.752016] [] loopback_net_init+0x4a/0xa0 > [ 200.752016] [] ops_init+0x42/0x180 > [ 200.752016] [] setup_net+0x6b/0x100 > [ 200.752016] [] copy_net_ns+0x86/0x110 > [ 200.752016] [] create_new_namespaces+0xd9/0x190 > > Signed-off-by: Sjur Brændeland > Tested-by: Sasha Levin > > --- > > Hi Sasha and Dave, > > [Sasha] > >Works for me. > Thank you Sasha for reporting this bug and testing my patch, > I appreciate it. > > [Dave] > >Please post all networking patches CC:'d > Sorry, I missed the obvious. > I'm resending the same patch as yesterday, this time to:netdev > and with "Tested-by: Sasha". Please apply to net. > > Thanks, > Sjur > > net/caif/caif_dev.c | 8 ++++++++ > 1 files changed, 8 insertions(+), 0 deletions(-) > > diff --git a/net/caif/caif_dev.c b/net/caif/caif_dev.c > index 673728a..6110ade 100644 > --- a/net/caif/caif_dev.c > +++ b/net/caif/caif_dev.c > @@ -371,6 +371,14 @@ static int caif_device_notify(struct notifier_block *me, unsigned long what, > struct cflayer *layer, *link_support; > int head_room = 0; > struct caif_device_entry_list *caifdevs; > + int len; > + > + rcu_read_lock(); > + len = rcu_dereference(dev_net(dev)->gen)->len; > + rcu_read_unlock(); > + > + if (caif_net_id == 0 || caif_net_id > len) > + return 0; > > cfg = get_cfcnfg(dev_net(dev)); > caifdevs = caif_device_list(dev_net(dev)); This looks wrong. This should not be needed, something is broken elsewhere.