linux/net
Zhengchao Shao 2a3fc78210 net: sched: sfb: fix null pointer access issue when sfb_init() fails
When the default qdisc is sfb, if the qdisc of dev_queue fails to be
inited during mqprio_init(), sfb_reset() is invoked to clear resources.
In this case, the q->qdisc is NULL, and it will cause a gpf issue.

The process is as follows:
qdisc_create_dflt()
	sfb_init()
		tcf_block_get()          --->failed, q->qdisc is NULL
	...
	qdisc_put()
		...
		sfb_reset()
			qdisc_reset(q->qdisc)    --->q->qdisc is NULL
				ops = qdisc->ops

The following is the Call Trace information:
general protection fault, probably for non-canonical address
0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
RIP: 0010:qdisc_reset+0x2b/0x6f0
Call Trace:
<TASK>
sfb_reset+0x37/0xd0
qdisc_reset+0xed/0x6f0
qdisc_destroy+0x82/0x4c0
qdisc_put+0x9e/0xb0
qdisc_create_dflt+0x2c3/0x4a0
mqprio_init+0xa71/0x1760
qdisc_create+0x3eb/0x1000
tc_modify_qdisc+0x408/0x1720
rtnetlink_rcv_msg+0x38e/0xac0
netlink_rcv_skb+0x12d/0x3a0
netlink_unicast+0x4a2/0x740
netlink_sendmsg+0x826/0xcc0
sock_sendmsg+0xc5/0x100
____sys_sendmsg+0x583/0x690
___sys_sendmsg+0xe8/0x160
__sys_sendmsg+0xbf/0x160
do_syscall_64+0x35/0x80
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7f2164122d04
</TASK>

Fixes: e13e02a3c6 ("net_sched: SFB flow scheduler")
Signed-off-by: Zhengchao Shao <shaozhengchao@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-10-19 13:47:09 +01:00
6lowpan
9p
802
8021q
appletalk
atm net/atm: fix proc_mpc_write incorrect return value 2022-10-15 11:08:36 +01:00
ax25
batman-adv
bluetooth Driver core changes for 6.1-rc1 2022-10-07 17:04:10 -07:00
bpf
bpfilter
bridge
caif
can
ceph
core udp: Update reuse->has_conns under reuseport_lock. 2022-10-18 10:17:18 +02:00
dcb
dccp
dns_resolver
dsa net: dsa: uninitialized variable in dsa_slave_netdevice_event() 2022-10-15 11:15:27 +01:00
ethernet
ethtool
hsr net: hsr: avoid possible NULL deref in skb_clone() 2022-10-18 19:18:27 -07:00
ieee802154
ife
ipv4 udp: Update reuse->has_conns under reuseport_lock. 2022-10-18 10:17:18 +02:00
ipv6 ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed 2022-10-18 11:05:55 +02:00
iucv
kcm kcm: avoid potential race in kcm_tx_work 2022-10-13 09:33:44 -07:00
key
l2tp
l3mdev
lapb
llc
mac80211 Merge branch 'cve-fixes-2022-10-13' 2022-10-13 11:59:56 +02:00
mac802154
mctp mctp: prevent double key removal and unref 2022-10-12 13:30:50 +01:00
mpls
mptcp
ncsi
netfilter cgroup changes for v6.1-rc1. 2022-10-10 11:12:25 -07:00
netlabel
netlink
netrom
nfc
nsh
openvswitch openvswitch: add nf_ct_is_confirmed check before assigning the helper 2022-10-12 17:51:15 -07:00
packet
phonet
psample
qrtr
rds
rfkill
rose
rxrpc
sched net: sched: sfb: fix null pointer access issue when sfb_init() fails 2022-10-19 13:47:09 +01:00
sctp
smc net/smc: Fix an error code in smc_lgr_create() 2022-10-15 11:12:12 +01:00
strparser
sunrpc NFS Client Updates for Linux 6.1 2022-10-13 09:58:42 -07:00
switchdev
tipc tipc: fix an information leak in tipc_topsrv_kern_subscr 2022-10-14 08:20:17 +01:00
tls tls: strp: make sure the TCP skbs do not have overlapping data 2022-10-14 08:25:26 +01:00
unix Scheduler changes for v6.1: 2022-10-10 09:10:28 -07:00
vmw_vsock
wireless Merge branch 'cve-fixes-2022-10-13' 2022-10-13 11:59:56 +02:00
x25
xdp
xfrm
compat.c
devres.c
Kconfig
Kconfig.debug
Makefile
socket.c
sysctl_net.c