AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-28 11:18:45 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
93b5cbfa96
linux_dsm_epyc7002/drivers
History
Taehee Yoo 93b5cbfa96 net: rmnet: fix NULL pointer dereference in rmnet_newlink() 
rmnet registers IFLA_LINK interface as a lower interface.
But, IFLA_LINK could be NULL.
In the current code, rmnet doesn't check IFLA_LINK.
So, panic would occur.

Test commands:
    modprobe rmnet
    ip link add rmnet0 type rmnet mux_id 1

Splat looks like:
[   36.826109][ T1115] general protection fault, probably for non-canonical address 0xdffffc0000000000I
[   36.838817][ T1115] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   36.839908][ T1115] CPU: 1 PID: 1115 Comm: ip Not tainted 5.6.0-rc1+ #447
[   36.840569][ T1115] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   36.841408][ T1115] RIP: 0010:rmnet_newlink+0x54/0x510 [rmnet]
[   36.841986][ T1115] Code: 83 ec 18 48 c1 e9 03 80 3c 01 00 0f 85 d4 03 00 00 48 8b 6a 28 48 b8 00 00 00 00 00 c
[   36.843923][ T1115] RSP: 0018:ffff8880b7e0f1c0 EFLAGS: 00010247
[   36.844756][ T1115] RAX: dffffc0000000000 RBX: ffff8880d14cca00 RCX: 1ffff11016fc1e99
[   36.845859][ T1115] RDX: 0000000000000000 RSI: ffff8880c3d04000 RDI: 0000000000000004
[   36.846961][ T1115] RBP: 0000000000000000 R08: ffff8880b7e0f8b0 R09: ffff8880b6ac2d90
[   36.848020][ T1115] R10: ffffffffc0589a40 R11: ffffed1016d585b7 R12: ffffffff88ceaf80
[   36.848788][ T1115] R13: ffff8880c3d04000 R14: ffff8880b7e0f8b0 R15: ffff8880c3d04000
[   36.849546][ T1115] FS:  00007f50ab3360c0(0000) GS:ffff8880da000000(0000) knlGS:0000000000000000
[   36.851784][ T1115] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   36.852422][ T1115] CR2: 000055871afe5ab0 CR3: 00000000ae246001 CR4: 00000000000606e0
[   36.853181][ T1115] Call Trace:
[   36.853514][ T1115]  __rtnl_newlink+0xbdb/0x1270
[   36.853967][ T1115]  ? lock_downgrade+0x6e0/0x6e0
[   36.854420][ T1115]  ? rtnl_link_unregister+0x220/0x220
[   36.854936][ T1115]  ? lock_acquire+0x164/0x3b0
[   36.855376][ T1115]  ? is_bpf_image_address+0xff/0x1d0
[   36.855884][ T1115]  ? rtnl_newlink+0x4c/0x90
[   36.856304][ T1115]  ? kernel_text_address+0x111/0x140
[   36.856857][ T1115]  ? __kernel_text_address+0xe/0x30
[   36.857440][ T1115]  ? unwind_get_return_address+0x5f/0xa0
[   36.858063][ T1115]  ? create_prof_cpu_mask+0x20/0x20
[   36.858644][ T1115]  ? arch_stack_walk+0x83/0xb0
[   36.859171][ T1115]  ? stack_trace_save+0x82/0xb0
[   36.859710][ T1115]  ? stack_trace_consume_entry+0x160/0x160
[   36.860357][ T1115]  ? deactivate_slab.isra.78+0x2c5/0x800
[   36.860928][ T1115]  ? kasan_unpoison_shadow+0x30/0x40
[   36.861520][ T1115]  ? kmem_cache_alloc_trace+0x135/0x350
[   36.862125][ T1115]  ? rtnl_newlink+0x4c/0x90
[   36.864073][ T1115]  rtnl_newlink+0x65/0x90
[ ... ]

Fixes: ceed73a2cf ("drivers: net: ethernet: qualcomm: rmnet: Initial implementation")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-02-27 11:45:07 -08:00
..
accessibility
acpi ACPI: PM: s2idle: Check fixed wakeup events in acpi_s2idle_wake() 2020-02-21 10:01:25 -08:00
amba
android
ata libata-5.6-2020-02-05 2020-02-06 06:11:50 +00:00
atm
auxdisplay
base ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
bcma
block Merge branch 'merge.nfs-fs_parse.1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2020-02-08 13:26:41 -08:00
bluetooth
bus bus: moxtet: fix potential stack buffer overflow 2020-02-15 10:33:19 -08:00
cdrom
char tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST 2020-02-17 20:47:06 +02:00
clk ARM: SoC: late updates 2020-02-08 14:17:27 -08:00
clocksource ARM: SoC: late updates 2020-02-08 14:17:27 -08:00
connector
counter
cpufreq Merge branch 'pm-cpufreq' 2020-02-14 10:40:48 +01:00
cpuidle ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
crypto
dax
dca
devfreq
dio
dma ARM: Device-tree updates 2020-02-08 13:58:44 -08:00
dma-buf
edac EDAC/sysfs: Remove csrow objects on errors 2020-02-13 13:29:41 +01:00
eisa
extcon
firewire
firmware ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
fpga
fsi fsi: aspeed: add unspecified HAS_IOMEM dependency 2020-02-10 13:45:49 -08:00
gnss
gpio gpio: sifive: fix static checker warning 2020-02-10 13:54:17 +01:00
gpu Merge tag 'drm-intel-fixes-2020-02-20' of git://anongit.freedesktop.org/drm/drm-intel into drm-fixes 2020-02-21 12:46:54 +10:00
greybus
hid drm pull for 5.6-rc1 2020-01-30 08:04:01 -08:00
hsi
hv - Most of the commits here are work to enable host-initiated hibernation 2020-02-03 14:42:03 +00:00
hwmon hwmon: (pmbus/xdpe12284) fix typo in compatible strings 2020-02-12 12:43:01 -08:00
hwspinlock
hwtracing
i2c Merge branch 'i2c/for-5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2020-02-07 12:54:13 -08:00
i3c
ide proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
idle intel_idle: Introduce 'states_off' module parameter 2020-02-03 11:57:18 +01:00
iio chrome platform changes for 5.6 2020-02-04 07:17:41 +00:00
infiniband IB/mlx5: Use div64_u64 for num_var_hw_entries calculation 2020-02-14 15:21:52 -04:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2020-02-15 16:49:25 -08:00
interconnect
iommu iommu/arm-smmu: Restore naming of driver parameter prefix 2020-02-19 12:03:21 +01:00
ipack
irqchip irqchip/gic-v4.1: Avoid 64bit division for the sake of 32bit ARM 2020-02-09 15:47:37 -08:00
isdn proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
leds
lightnvm
macintosh powerpc updates for 5.6 2020-02-04 13:06:46 +00:00
mailbox
mcb
md block-5.6-2020-02-16 2020-02-16 12:35:52 -08:00
media chrome platform changes for 5.6 2020-02-04 07:17:41 +00:00
memory
memstick
message
mfd chrome platform changes for 5.6 2020-02-04 07:17:41 +00:00
misc habanalabs: patched cb equals user cb in device memset 2020-02-11 11:12:47 +02:00
mmc
mtd treewide: remove redundant IS_ERR() before error code check 2020-02-04 03:05:27 +00:00
mux
net net: rmnet: fix NULL pointer dereference in rmnet_newlink() 2020-02-27 11:45:07 -08:00
nfc nfc: pn544: Fix occasional HW initialization failure 2020-02-19 11:09:27 -08:00
ntb
nubus
nvdimm mm: Cleanup __put_devmap_managed_page() vs ->page_free() 2020-01-31 10:30:37 -08:00
nvme block-5.6-2020-02-16 2020-02-16 12:35:52 -08:00
nvmem Merge branch 'i2c/for-5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2020-02-07 12:54:13 -08:00
of ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
opp
oprofile
parisc proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
parport
pci pci-v5.6-fixes-1 2020-02-06 14:17:38 +00:00
pcmcia
perf perf/smmuv3: Use platform_get_irq_optional() for wired interrupt 2020-02-10 18:14:46 +00:00
phy treewide: remove redundant IS_ERR() before error code check 2020-02-04 03:05:27 +00:00
pinctrl pinctrl: fix pxa2xx.c build warnings 2020-02-04 03:05:24 +00:00
platform Merge branch 'akpm' (patches from Andrew) 2020-02-04 07:24:48 +00:00
pnp proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
power ARM: SoC platform updates 2020-02-08 13:55:25 -08:00
powercap
pps
ps3
ptp
pwm
rapidio
ras
regulator - New Drivers 2020-02-03 14:51:57 +00:00
remoteproc
reset
rpmsg
rtc chrome platform changes for 5.6 2020-02-04 07:17:41 +00:00
s390 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-02-21 11:59:51 -08:00
sbus
scsi SCSI misc on 20200208 2020-02-08 17:24:41 -08:00
sfi
sh
siox
slimbus
soc soc/tegra: fuse: Fix build with Tegra194 configuration 2020-02-11 15:00:15 -08:00
soundwire
spi treewide: remove redundant IS_ERR() before error code check 2020-02-04 03:05:27 +00:00
spmi spmi: pmic-arb: Set lockdep class for hierarchical irq domains 2020-02-10 13:16:04 +01:00
ssb
staging staging: rtl8723bs: Remove unneeded goto statements 2020-02-10 10:32:38 -08:00
target
tc The main MIPS changes for 5.6: 2020-01-31 11:28:31 -08:00
tee ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
thermal - Fix a SEVERE docs build failure for cpu idle cooling device (Randy Dunlap) 2020-01-31 14:39:21 -08:00
thunderbolt thunderbolt: Prevent crash if non-active NVMem file is read 2020-02-13 04:59:30 -08:00
tty vt: selection, close sel_buffer race 2020-02-13 12:10:07 -08:00
uio
usb USB: misc: iowarrior: add support for the 100 device 2020-02-17 10:44:43 +01:00
vfio VFIO updates for v5.6-rc1 2020-02-03 22:22:05 +00:00
vhost vhost: Check docket sk_family instead of call getname 2020-02-22 21:41:42 -08:00
video Kbuild updates for v5.6 (2nd) 2020-02-09 16:05:50 -08:00
virt
virtio virtio_balloon: Fix memory leaks on errors in virtballoon_probe() 2020-02-06 03:40:27 -05:00
visorbus
vlynq
vme
w1
watchdog watchdog: da9062: Add dependency on I2C 2020-02-17 13:19:08 +01:00
xen xen: branch for v5.6-rc1 2020-02-05 17:44:14 +00:00
zorro Kbuild updates for v5.6 (2nd) 2020-02-09 16:05:50 -08:00
Kconfig
Makefile