linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel
@ 2018-08-19  7:05 Haishuang Yan
  2018-08-19  7:05 ` [PATCH 2/2] ip6_vti: fix creating fallback tunnel device for vti6 Haishuang Yan
  2018-08-19 18:27 ` [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel David Miller
  0 siblings, 2 replies; 5+ messages in thread
From: Haishuang Yan @ 2018-08-19  7:05 UTC (permalink / raw)
  To: Steffen Klassert, David S. Miller, Alexey Kuznetsov
  Cc: netdev, linux-kernel, Haishuang Yan, Eric Dumazet

After set fb_tunnels_only_for_init_net to 1, the itn->fb_tunnel_dev will
be NULL and will cause following crash:

[ 2742.849298] BUG: unable to handle kernel NULL pointer dereference at 0000000000000941
[ 2742.851380] PGD 800000042c21a067 P4D 800000042c21a067 PUD 42aaed067 PMD 0
[ 2742.852818] Oops: 0002 [#1] SMP PTI
[ 2742.853570] CPU: 7 PID: 2484 Comm: unshare Kdump: loaded Not tainted 4.18.0-rc8+ #2
[ 2742.855163] Hardware name: Fedora Project OpenStack Nova, BIOS seabios-1.7.5-11.el7 04/01/2014
[ 2742.856970] RIP: 0010:vti_init_net+0x3a/0x50 [ip_vti]
[ 2742.858034] Code: 90 83 c0 48 c7 c2 20 a1 83 c0 48 89 fb e8 6e 3b f6 ff 85 c0 75 22 8b 0d f4 19 00 00 48 8b 93 00 14 00 00 48 8b 14 ca 48 8b 12 <c6> 82 41 09 00 00 04 c6 82 38 09 00 00 45 5b c3 66 0f 1f 44 00 00
[ 2742.861940] RSP: 0018:ffff9be28207fde0 EFLAGS: 00010246
[ 2742.863044] RAX: 0000000000000000 RBX: ffff8a71ebed4980 RCX: 0000000000000013
[ 2742.864540] RDX: 0000000000000000 RSI: 0000000000000013 RDI: ffff8a71ebed4980
[ 2742.866020] RBP: ffff8a71ea717000 R08: ffffffffc083903c R09: ffff8a71ea717000
[ 2742.867505] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8a71ebed4980
[ 2742.868987] R13: 0000000000000013 R14: ffff8a71ea5b49c0 R15: 0000000000000000
[ 2742.870473] FS:  00007f02266c9740(0000) GS:ffff8a71ffdc0000(0000) knlGS:0000000000000000
[ 2742.872143] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2742.873340] CR2: 0000000000000941 CR3: 000000042bc20006 CR4: 00000000001606e0
[ 2742.874821] Call Trace:
[ 2742.875358]  ops_init+0x38/0xf0
[ 2742.876078]  setup_net+0xd9/0x1f0
[ 2742.876789]  copy_net_ns+0xb7/0x130
[ 2742.877538]  create_new_namespaces+0x11a/0x1d0
[ 2742.878525]  unshare_nsproxy_namespaces+0x55/0xa0
[ 2742.879526]  ksys_unshare+0x1a7/0x330
[ 2742.880313]  __x64_sys_unshare+0xe/0x20
[ 2742.881131]  do_syscall_64+0x5b/0x180
[ 2742.881933]  entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reproduce:
echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
modprobe ip_vti
unshare -n

Fixes: 79134e6ce2c9 (net: do not create fallback tunnels for non-default
namespaces)
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
---
 net/ipv4/ip_vti.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index 3f091cc..f38cb21 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -438,7 +438,8 @@ static int __net_init vti_init_net(struct net *net)
 	if (err)
 		return err;
 	itn = net_generic(net, vti_net_id);
-	vti_fb_tunnel_init(itn->fb_tunnel_dev);
+	if (itn->fb_tunnel_dev)
+		vti_fb_tunnel_init(itn->fb_tunnel_dev);
 	return 0;
 }
 
-- 
1.8.3.1




^ permalink raw reply related	[flat|nested] 5+ messages in thread
* [PATCH 2/2] ip6_vti: fix creating fallback tunnel device for vti6
  2018-08-19  7:05 [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel Haishuang Yan
@ 2018-08-19  7:05 ` Haishuang Yan
  2018-08-19 18:27   ` David Miller
  2018-08-19 18:27 ` [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel David Miller
  1 sibling, 1 reply; 5+ messages in thread
From: Haishuang Yan @ 2018-08-19  7:05 UTC (permalink / raw)
  To: Steffen Klassert, David S. Miller, Alexey Kuznetsov
  Cc: netdev, linux-kernel, Haishuang Yan

When set fb_tunnels_only_for_init_net to 1, don't create fallback tunnel
device for vti6 when a new namespace is created.

Tested:
[root@builder2 ~]# modprobe ip6_tunnel
[root@builder2 ~]# modprobe ip6_vti
[root@builder2 ~]# echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
[root@builder2 ~]# unshare -n
[root@builder2 ~]# ip link
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group
default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
---
 net/ipv6/ip6_vti.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c
index c72ae3a..3b9f39f 100644
--- a/net/ipv6/ip6_vti.c
+++ b/net/ipv6/ip6_vti.c
@@ -1114,6 +1114,8 @@ static int __net_init vti6_init_net(struct net *net)
 	ip6n->tnls[0] = ip6n->tnls_wc;
 	ip6n->tnls[1] = ip6n->tnls_r_l;
 
+	if (!net_has_fallback_tunnels(net))
+		return 0;
 	err = -ENOMEM;
 	ip6n->fb_tnl_dev = alloc_netdev(sizeof(struct ip6_tnl), "ip6_vti0",
 					NET_NAME_UNKNOWN, vti6_dev_setup);
-- 
1.8.3.1




^ permalink raw reply related	[flat|nested] 5+ messages in thread
* Re: [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel
  2018-08-19  7:05 [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel Haishuang Yan
  2018-08-19  7:05 ` [PATCH 2/2] ip6_vti: fix creating fallback tunnel device for vti6 Haishuang Yan
@ 2018-08-19 18:27 ` David Miller
  2018-08-20  1:58   ` Haishuang Yan
  1 sibling, 1 reply; 5+ messages in thread
From: David Miller @ 2018-08-19 18:27 UTC (permalink / raw)
  To: yanhaishuang; +Cc: steffen.klassert, kuznet, netdev, linux-kernel, edumazet

From: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Date: Sun, 19 Aug 2018 15:05:04 +0800

> After set fb_tunnels_only_for_init_net to 1, the itn->fb_tunnel_dev will
> be NULL and will cause following crash:
 ...
> Reproduce:
> echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
> modprobe ip_vti
> unshare -n
> 
> Fixes: 79134e6ce2c9 (net: do not create fallback tunnels for non-default
> namespaces)
> Cc: Eric Dumazet <edumazet@google.com>
> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>

Applied, but please format your Fixes: tag properly next time.

Do not split up a Fixes tag into multiple lines, no matter how long it
is.  And enclose the commit header text in both parenthesis and double
quotes, not just parenthesis.  Like ("blah blah blah"), thank you.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH 2/2] ip6_vti: fix creating fallback tunnel device for vti6
  2018-08-19  7:05 ` [PATCH 2/2] ip6_vti: fix creating fallback tunnel device for vti6 Haishuang Yan
@ 2018-08-19 18:27   ` David Miller
  0 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2018-08-19 18:27 UTC (permalink / raw)
  To: yanhaishuang; +Cc: steffen.klassert, kuznet, netdev, linux-kernel

From: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Date: Sun, 19 Aug 2018 15:05:05 +0800

> When set fb_tunnels_only_for_init_net to 1, don't create fallback tunnel
> device for vti6 when a new namespace is created.
> 
> Tested:
> [root@builder2 ~]# modprobe ip6_tunnel
> [root@builder2 ~]# modprobe ip6_vti
> [root@builder2 ~]# echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
> [root@builder2 ~]# unshare -n
> [root@builder2 ~]# ip link
> 1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group
> default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> 
> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>

Applied.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel
  2018-08-19 18:27 ` [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel David Miller
@ 2018-08-20  1:58   ` Haishuang Yan
  0 siblings, 0 replies; 5+ messages in thread
From: Haishuang Yan @ 2018-08-20  1:58 UTC (permalink / raw)
  To: David Miller; +Cc: steffen.klassert, kuznet, netdev, linux-kernel, edumazet



> On 2018年8月20日, at 上午2:27, David Miller <davem@davemloft.net> wrote:
> 
> From: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
> Date: Sun, 19 Aug 2018 15:05:04 +0800
> 
>> After set fb_tunnels_only_for_init_net to 1, the itn->fb_tunnel_dev will
>> be NULL and will cause following crash:
> ...
>> Reproduce:
>> echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
>> modprobe ip_vti
>> unshare -n
>> 
>> Fixes: 79134e6ce2c9 (net: do not create fallback tunnels for non-default
>> namespaces)
>> Cc: Eric Dumazet <edumazet@google.com>
>> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
> 
> Applied, but please format your Fixes: tag properly next time.
> 
> Do not split up a Fixes tag into multiple lines, no matter how long it
> is.  And enclose the commit header text in both parenthesis and double
> quotes, not just parenthesis.  Like ("blah blah blah"), thank you.
> 

Okay, thanks for reviewing.


^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-08-20  1:58 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-08-19  7:05 [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel Haishuang Yan
2018-08-19  7:05 ` [PATCH 2/2] ip6_vti: fix creating fallback tunnel device for vti6 Haishuang Yan
2018-08-19 18:27   ` David Miller
2018-08-19 18:27 ` [PATCH 1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel David Miller
2018-08-20  1:58   ` Haishuang Yan

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).