AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-02-13 20:16:11 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
a49184c229
linux_dsm_epyc7002/net
History
Andrei Emeltchenko a49184c229 Bluetooth: Check sk is not owned before freeing l2cap_conn 
Check that socket sk is not locked in user process before removing
l2cap connection handler.

lock_sock and release_sock do not hold a normal spinlock directly but
instead hold the owner field. This means bh_lock_sock can still execute
even if the socket is "locked". More info can be found here:
http://www.linuxfoundation.org/collaborate/workgroups/networking/socketlocks

krfcommd kernel thread may be preempted with l2cap tasklet which remove
l2cap_conn structure. If krfcommd is in process of sending of RFCOMM reply
(like "RFCOMM UA" reply to "RFCOMM DISC") then kernel crash happens.

...
[  694.175933] Unable to handle kernel NULL pointer dereference at virtual address 00000000
[  694.184936] pgd = c0004000
[  694.187683] [00000000] *pgd=00000000
[  694.191711] Internal error: Oops: 5 [#1] PREEMPT
[  694.196350] last sysfs file: /sys/devices/platform/hci_h4p/firmware/hci_h4p/loading
[  694.260375] CPU: 0    Not tainted  (2.6.32.10 #1)
[  694.265106] PC is at l2cap_sock_sendmsg+0x43c/0x73c [l2cap]
[  694.270721] LR is at 0xd7017303
...
[  694.525085] Backtrace:
[  694.527587] [<bf266be0>] (l2cap_sock_sendmsg+0x0/0x73c [l2cap]) from [<c02f2cc8>] (sock_sendmsg+0xb8/0xd8)
[  694.537292] [<c02f2c10>] (sock_sendmsg+0x0/0xd8) from [<c02f3044>] (kernel_sendmsg+0x48/0x80)

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@nokia.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2010-12-01 21:04:36 -02:00
..
9p net/9p: Return error on read with NULL buffer 2010-10-28 09:08:49 -05:00
802 net/802: add __rcu annotations 2010-10-25 13:09:44 -07:00
8021q vlan: rcu annotations 2010-10-25 13:09:43 -07:00
appletalk
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
ax25 Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-10-24 13:41:39 -07:00
bluetooth Bluetooth: Check sk is not owned before freeing l2cap_conn 2010-12-01 21:04:36 -02:00
bridge bridge: Forward reserved group addresses if !STP 2010-10-21 04:25:48 -07:00
caif
can can-raw: add msg_flags to distinguish local traffic 2010-10-21 04:27:03 -07:00
ceph ceph: fix num_pages_free accounting in pagelist 2010-10-20 15:38:23 -07:00
core pktgen: Limit how much data we copy onto the stack. 2010-10-28 11:47:53 -07:00
dcb
dccp dccp ccid-2: Stop polling 2010-10-28 10:27:01 -07:00
decnet
dns_resolver
dsa
econet
ethernet
ieee802154
ipv4 ip_gre: fix fallback tunnel setup 2010-10-30 16:21:28 -07:00
ipv6 ipv6/udp: report SndbufErrors and RcvbufErrors 2010-10-30 16:17:23 -07:00
ipx BKL: introduce CONFIG_BKL. 2010-10-21 15:44:13 +02:00
irda Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-10-24 13:41:39 -07:00
iucv [S390] cleanup lowcore access from external interrupts 2010-10-25 16:10:19 +02:00
key
l2tp l2tp: static functions should not be exported 2010-10-24 22:26:41 -07:00
lapb
llc
mac80211 mac80211: Minor optimization in ieee80211_rx_h_data 2010-11-30 13:58:07 -05:00
netfilter netfilter: xt_socket: Make tproto signed in socket_mt6_v1(). 2010-10-28 12:59:53 -07:00
netlabel
netlink netlink: fix netlink_change_ngroups() 2010-10-24 16:25:39 -07:00
netrom
packet
phonet phonet: remove the unused variable pn 2010-10-20 01:55:54 -07:00
rds RDS: Let rds_message_alloc_sgs() return NULL 2010-10-30 16:34:18 -07:00
rfkill rfkill: remove dead code 2010-11-15 13:24:06 -05:00
rose
rxrpc
sched Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
sunrpc convert get_sb_single() users 2010-10-29 04:16:28 -04:00
tipc Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-10-21 08:43:05 -07:00
unix fs: allow for more than 2^31 files 2010-10-26 16:52:15 -07:00
wanrouter
wimax
wireless nl80211/cfg80211: extend mgmt-tx API for off-channel 2010-11-29 15:24:35 -05:00
x25 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
xfrm xfrm: make xfrm_bundle_ok local 2010-10-21 03:09:46 -07:00
compat.c net: Limit socket I/O iovec total length to INT_MAX. 2010-10-28 11:47:52 -07:00
Kconfig ceph: factor out libceph from Ceph file system 2010-10-20 15:37:28 -07:00
Makefile ceph: factor out libceph from Ceph file system 2010-10-20 15:37:28 -07:00
nonet.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
socket.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2010-10-30 18:42:58 -07:00
sysctl_net.c
TUNABLE