AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-01-25 17:20:10 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
93b5cbfa96
linux_dsm_epyc7002/drivers/net
History
Taehee Yoo 93b5cbfa96 net: rmnet: fix NULL pointer dereference in rmnet_newlink() 
rmnet registers IFLA_LINK interface as a lower interface.
But, IFLA_LINK could be NULL.
In the current code, rmnet doesn't check IFLA_LINK.
So, panic would occur.

Test commands:
    modprobe rmnet
    ip link add rmnet0 type rmnet mux_id 1

Splat looks like:
[   36.826109][ T1115] general protection fault, probably for non-canonical address 0xdffffc0000000000I
[   36.838817][ T1115] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   36.839908][ T1115] CPU: 1 PID: 1115 Comm: ip Not tainted 5.6.0-rc1+ #447
[   36.840569][ T1115] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   36.841408][ T1115] RIP: 0010:rmnet_newlink+0x54/0x510 [rmnet]
[   36.841986][ T1115] Code: 83 ec 18 48 c1 e9 03 80 3c 01 00 0f 85 d4 03 00 00 48 8b 6a 28 48 b8 00 00 00 00 00 c
[   36.843923][ T1115] RSP: 0018:ffff8880b7e0f1c0 EFLAGS: 00010247
[   36.844756][ T1115] RAX: dffffc0000000000 RBX: ffff8880d14cca00 RCX: 1ffff11016fc1e99
[   36.845859][ T1115] RDX: 0000000000000000 RSI: ffff8880c3d04000 RDI: 0000000000000004
[   36.846961][ T1115] RBP: 0000000000000000 R08: ffff8880b7e0f8b0 R09: ffff8880b6ac2d90
[   36.848020][ T1115] R10: ffffffffc0589a40 R11: ffffed1016d585b7 R12: ffffffff88ceaf80
[   36.848788][ T1115] R13: ffff8880c3d04000 R14: ffff8880b7e0f8b0 R15: ffff8880c3d04000
[   36.849546][ T1115] FS:  00007f50ab3360c0(0000) GS:ffff8880da000000(0000) knlGS:0000000000000000
[   36.851784][ T1115] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   36.852422][ T1115] CR2: 000055871afe5ab0 CR3: 00000000ae246001 CR4: 00000000000606e0
[   36.853181][ T1115] Call Trace:
[   36.853514][ T1115]  __rtnl_newlink+0xbdb/0x1270
[   36.853967][ T1115]  ? lock_downgrade+0x6e0/0x6e0
[   36.854420][ T1115]  ? rtnl_link_unregister+0x220/0x220
[   36.854936][ T1115]  ? lock_acquire+0x164/0x3b0
[   36.855376][ T1115]  ? is_bpf_image_address+0xff/0x1d0
[   36.855884][ T1115]  ? rtnl_newlink+0x4c/0x90
[   36.856304][ T1115]  ? kernel_text_address+0x111/0x140
[   36.856857][ T1115]  ? __kernel_text_address+0xe/0x30
[   36.857440][ T1115]  ? unwind_get_return_address+0x5f/0xa0
[   36.858063][ T1115]  ? create_prof_cpu_mask+0x20/0x20
[   36.858644][ T1115]  ? arch_stack_walk+0x83/0xb0
[   36.859171][ T1115]  ? stack_trace_save+0x82/0xb0
[   36.859710][ T1115]  ? stack_trace_consume_entry+0x160/0x160
[   36.860357][ T1115]  ? deactivate_slab.isra.78+0x2c5/0x800
[   36.860928][ T1115]  ? kasan_unpoison_shadow+0x30/0x40
[   36.861520][ T1115]  ? kmem_cache_alloc_trace+0x135/0x350
[   36.862125][ T1115]  ? rtnl_newlink+0x4c/0x90
[   36.864073][ T1115]  rtnl_newlink+0x65/0x90
[ ... ]

Fixes: ceed73a2cf ("drivers: net: ethernet: qualcomm: rmnet: Initial implementation")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-02-27 11:45:07 -08:00
..
appletalk
arcnet
bonding bonding: fix lockdep warning in bond_get_stats() 2020-02-16 19:32:11 -08:00
caif
can ioremap changes for 5.6 2020-01-27 13:03:00 -08:00
dsa net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec 2020-02-26 16:38:23 -08:00
ethernet net: rmnet: fix NULL pointer dereference in rmnet_newlink() 2020-02-27 11:45:07 -08:00
fddi Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-01-28 16:02:33 -08:00
fjes Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-01-28 16:02:33 -08:00
hamradio
hippi
hyperv hv_netvsc: Fix unwanted wakeup in netvsc_attach() 2020-02-23 16:32:37 -08:00
ieee802154
ipvlan
netdevsim netdevsim: fix ptr_ret.cocci warnings 2020-02-05 13:55:32 +01:00
phy net: phy: marvell: don't interpret PHY status unless resolved 2020-02-27 11:17:21 -08:00
plip
ppp
slip slip: not call free_netdev before rtnl_unlock in slip_open 2020-02-26 20:37:06 -08:00
team
usb net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch 2020-02-23 16:13:50 -08:00
vmxnet3
wan ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
wimax
wireguard wireguard: socket: remove extra call to synchronize_net 2020-02-16 19:21:56 -08:00
wireless wireless-drivers fixes for v5.6 2020-02-08 15:03:11 +01:00
xen-netback
dummy.c
eql.c
geneve.c
gtp.c gtp: use icmp_ndo_send helper 2020-02-13 14:19:00 -08:00
ifb.c
Kconfig USB/Thunderbolt/PHY driver updates for 5.6-rc1 2020-01-29 10:09:44 -08:00
LICENSE.SRC
loopback.c
macsec.c
macvlan.c
macvtap.c
Makefile USB/Thunderbolt/PHY driver updates for 5.6-rc1 2020-01-29 10:09:44 -08:00
mdio.c
mii.c
net_failover.c
netconsole.c
nlmon.c
ntb_netdev.c
rionet.c
sb1000.c
Space.c
sungem_phy.c
tap.c
thunderbolt.c
tun.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-01-26 10:40:21 +01:00
veth.c bpf, xdp: Remove no longer required rcu_read_{un}lock() 2020-01-27 11:16:25 +01:00
virtio_net.c bpf, xdp: virtio_net use access ptr macro for xdp enable check 2020-01-27 11:16:25 +01:00
vrf.c
vsockmon.c
vxlan.c
xen-netfront.c