https://github.com/torvalds/linux
Revision d02854dc1999ed3e7fd79ec700c64ac23ac0c458 authored by Subash Abhinov Kasiviswanathan on 10 November 2018, 01:56:27 UTC, committed by David S. Miller on 10 November 2018, 03:45:48 UTC
A null dereference was observed when a sysctl was being set
from userspace and rmnet was stuck trying to complete some actions
in the NETDEV_REGISTER callback. This is because the real_dev is set
only after the device registration handler completes.
sysctl call stack -
<6> Unable to handle kernel NULL pointer dereference at
virtual address 00000108
<2> pc : rmnet_vnd_get_iflink+0x1c/0x28
<2> lr : dev_get_iflink+0x2c/0x40
<2> rmnet_vnd_get_iflink+0x1c/0x28
<2> inet6_fill_ifinfo+0x15c/0x234
<2> inet6_ifinfo_notify+0x68/0xd4
<2> ndisc_ifinfo_sysctl_change+0x1b8/0x234
<2> proc_sys_call_handler+0xac/0x100
<2> proc_sys_write+0x3c/0x4c
<2> __vfs_write+0x54/0x14c
<2> vfs_write+0xcc/0x188
<2> SyS_write+0x60/0xc0
<2> el0_svc_naked+0x34/0x38
device register call stack -
<2> notifier_call_chain+0x84/0xbc
<2> raw_notifier_call_chain+0x38/0x48
<2> call_netdevice_notifiers_info+0x40/0x70
<2> call_netdevice_notifiers+0x38/0x60
<2> register_netdevice+0x29c/0x3d8
<2> rmnet_vnd_newlink+0x68/0xe8
<2> rmnet_newlink+0xa0/0x160
<2> rtnl_newlink+0x57c/0x6c8
<2> rtnetlink_rcv_msg+0x1dc/0x328
<2> netlink_rcv_skb+0xac/0x118
<2> rtnetlink_rcv+0x24/0x30
<2> netlink_unicast+0x158/0x1f0
<2> netlink_sendmsg+0x32c/0x338
<2> sock_sendmsg+0x44/0x60
<2> SyS_sendto+0x150/0x1ac
<2> el0_svc_naked+0x34/0x38
Fixes: b752eff5be24 ("net: qualcomm: rmnet: Implement ndo_get_iflink")
Signed-off-by: Sean Tranchetti <stranche@codeaurora.org>
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent dd63c3e
Tip revision: d02854dc1999ed3e7fd79ec700c64ac23ac0c458 authored by Subash Abhinov Kasiviswanathan on 10 November 2018, 01:56:27 UTC
net: qualcomm: rmnet: Fix incorrect assignment of real_dev
net: qualcomm: rmnet: Fix incorrect assignment of real_dev
Tip revision: d02854d
| File | Mode | Size |
|---|---|---|
| Documentation | ||
| LICENSES | ||
| arch | ||
| block | ||
| certs | ||
| crypto | ||
| drivers | ||
| firmware | ||
| fs | ||
| include | ||
| init | ||
| ipc | ||
| kernel | ||
| lib | ||
| mm | ||
| net | ||
| samples | ||
| scripts | ||
| security | ||
| sound | ||
| tools | ||
| usr | ||
| virt | ||
| .clang-format | -rw-r--r-- | 12.7 KB |
| .cocciconfig | -rw-r--r-- | 59 bytes |
| .get_maintainer.ignore | -rw-r--r-- | 31 bytes |
| .gitattributes | -rw-r--r-- | 30 bytes |
| .gitignore | -rw-r--r-- | 1.5 KB |
| .mailmap | -rw-r--r-- | 10.5 KB |
| COPYING | -rw-r--r-- | 423 bytes |
| CREDITS | -rw-r--r-- | 96.4 KB |
| Kbuild | -rw-r--r-- | 2.2 KB |
| Kconfig | -rw-r--r-- | 563 bytes |
| MAINTAINERS | -rw-r--r-- | 470.2 KB |
| Makefile | -rw-r--r-- | 59.7 KB |
| README | -rw-r--r-- | 727 bytes |
Computing file changes ...
