asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/net
History
David Ahern 1f17e2f2c8 net: ipv6: ignore null_entry on route dumps 
lkp-robot reported a BUG:
[   10.151226] BUG: unable to handle kernel NULL pointer dereference at 00000198
[   10.152525] IP: rt6_fill_node+0x164/0x4b8
[   10.153307] *pdpt = 0000000012ee5001 *pde = 0000000000000000
[   10.153309]
[   10.154492] Oops: 0000 [#1]
[   10.154987] CPU: 0 PID: 909 Comm: netifd Not tainted 4.10.0-rc4-00722-g41e8c70ee162-dirty #10
[   10.156482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_083030-gandalf 04/01/2014
[   10.158254] task: d0deb000 task.stack: d0e0c000
[   10.159059] EIP: rt6_fill_node+0x164/0x4b8
[   10.159780] EFLAGS: 00010296 CPU: 0
[   10.160404] EAX: 00000000 EBX: d10c2358 ECX: c1f7c6cc EDX: c1f6ff44
[   10.161469] ESI: 00000000 EDI: c2059900 EBP: d0e0dc4c ESP: d0e0dbe4
[   10.162534]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
[   10.163482] CR0: 80050033 CR2: 00000198 CR3: 10d94660 CR4: 000006b0
[   10.164535] Call Trace:
[   10.164993]  ? paravirt_sched_clock+0x9/0xd
[   10.165727]  ? sched_clock+0x9/0xc
[   10.166329]  ? sched_clock_cpu+0x19/0xe9
[   10.166991]  ? lock_release+0x13e/0x36c
[   10.167652]  rt6_dump_route+0x4c/0x56
[   10.168276]  fib6_dump_node+0x1d/0x3d
[   10.168913]  fib6_walk_continue+0xab/0x167
[   10.169611]  fib6_walk+0x2a/0x40
[   10.170182]  inet6_dump_fib+0xfb/0x1e0
[   10.170855]  netlink_dump+0xcd/0x21f

This happens when the loopback device is set down and a ipv6 fib route
dump is requested.

ip6_null_entry is the root of all ipv6 fib tables making it integrated
into the table and hence passed to the ipv6 route dump code. The
null_entry route uses the loopback device for dst.dev but may not have
rt6i_idev set because of the order in which initializations are done --
ip6_route_net_init is run before addrconf_init has initialized the
loopback device. Fixing the initialization order is a much bigger problem
with no obvious solution thus far.

The BUG is triggered when the loopback is set down and the netif_running
check added by a1a22c1206 fails. The fill_node descends to checking
rt->rt6i_idev for ignore_routes_with_linkdown and since rt6i_idev is
NULL it faults.

The null_entry route should not be processed in a dump request. Catch
and ignore. This check is done in rt6_dump_route as it is the highest
place in the callchain with knowledge of both the route and the network
namespace.

Fixes: a1a22c1206("net: ipv6: Keep nexthop of multipath route on admin down")
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-26 18:39:16 -05:00
..
6lowpan 6lowpan: use rb_entry() 2017-01-22 16:46:13 -05:00
9p
802 Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
8021q net: make ndo_get_stats64 a void function 2017-01-08 17:51:44 -05:00
appletalk
atm net: atm: Fix warnings in net/atm/lec.c when !CONFIG_PROC_FS 2016-12-28 15:11:32 -05:00
ax25 ax25: Fix segfault after sock connection timeout 2017-01-16 14:39:58 -05:00
batman-adv This feature/cleanup patchset includes the following patches: 2017-01-26 14:31:08 -05:00
bluetooth Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-12-16 10:24:44 -08:00
bridge bridge: move maybe_deliver_addr() inside #ifdef 2017-01-25 23:16:06 -05:00
caif net: caif: Remove unused stats member from struct chnl_net 2017-01-19 11:45:21 -05:00
can ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
ceph libceph: remove now unused finish_request() wrapper 2016-12-14 22:39:08 +01:00
core bpf: allow option for setting bpf_l4_csum_replace from scratch 2017-01-24 14:46:06 -05:00
dcb net: dcb: set error code on failures 2016-12-03 23:54:25 -05:00
dccp inet: drop ->bind_conflict 2017-01-18 13:04:28 -05:00
decnet Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
dns_resolver
dsa net: dsa: Move ports assignment closer to error checking 2017-01-26 15:43:53 -05:00
ethernet
hsr
ieee802154 Makefile: drop -D__CHECK_ENDIAN__ from cflags 2016-12-16 00:13:43 +02:00
ipv4 net/tcp-fastopen: make connect()'s return case more consistent with non-TFO 2017-01-25 14:12:21 -05:00
ipv6 net: ipv6: ignore null_entry on route dumps 2017-01-26 18:39:16 -05:00
ipx ktime: Get rid of the union 2016-12-25 17:21:22 +01:00
irda Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
iucv net/af_iucv: don't use paged skbs for TX on HiperSockets 2017-01-10 21:08:29 -05:00
kcm
key
l2tp net: make ndo_get_stats64 a void function 2017-01-08 17:51:44 -05:00
l3mdev
lapb Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
llc
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-17 15:19:37 -05:00
mac802154 ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
mpls mpls: Packet stats 2017-01-17 14:38:43 -05:00
ncsi
netfilter Introduce a sysctl that modifies the value of PROT_SOCK. 2017-01-24 12:10:51 -05:00
netlabel netlabel: add CALIPSO to the list of built-in protocols 2017-01-06 22:20:45 -05:00
netlink netlink: do not enter direct reclaim from netlink_trim() 2017-01-16 13:39:35 -05:00
netrom
nfc
openvswitch Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-17 15:19:37 -05:00
packet packet: pdiag_put_ring() should return TX_RING info for TPACKET_V3 2017-01-10 21:02:42 -05:00
phonet
psample net: Introduce psample, a new genetlink channel for packet sampling 2017-01-24 13:44:28 -05:00
qrtr net: qrtr: Mark 'buf' as little endian 2017-01-10 20:45:04 -05:00
rds RDS: validate the requested traces user input against max supported 2017-01-06 22:14:26 -05:00
rfkill rfkill: Add rfkill-any LED trigger 2017-01-09 11:40:33 +01:00
rose Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
rxrpc rxrpc: Allow listen(sock, 0) to be used to disable listening 2017-01-09 11:10:02 +00:00
sched net sched actions: Add support for user cookies 2017-01-25 12:37:04 -05:00
sctp net: sctp: fix array overrun read on sctp_timer_tbl 2017-01-24 15:24:35 -05:00
smc smc: ETH_ALEN as memcpy length for mac addresses 2017-01-12 09:47:01 -05:00
strparser
sunrpc svcrdma: avoid duplicate dma unmapping during error recovery 2017-01-12 16:14:47 -05:00
switchdev
tipc tipc: uninitialized return code in tipc_setsockopt() 2017-01-25 12:41:34 -05:00
unix Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
vmw_vsock Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-12-17 20:17:04 -08:00
wimax
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-17 15:19:37 -05:00
x25 Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
xfrm ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
compat.c net: Assert at build time the assumptions we make about the CMSG header. 2017-01-04 13:24:19 -05:00
Kconfig net: Introduce psample, a new genetlink channel for packet sampling 2017-01-24 13:44:28 -05:00
Makefile net: Introduce psample, a new genetlink channel for packet sampling 2017-01-24 13:44:28 -05:00
socket.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-11 14:43:39 -05:00
sysctl_net.c