leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
44aa91ab2b
linux/drivers/net
History
Govindarajulu Varadarajan 44aa91ab2b enic: handle error condition properly in enic_rq_indicate_buf 
In case of error in rx path, we free the buf->os_buf but we do not make it NULL.
In next iteration we use the skb which is already freed. This causes the
following crash.

[  886.154772] general protection fault: 0000 [#1] PREEMPT SMP
[  886.154851] Modules linked in: rpcsec_gss_krb5 auth_rpcgss oid_registry nfsv4 microcode evdev cirrus ttm drm_kms_helper drm enic syscopyarea sysfillrect sysimgblt psmouse i2c_piix4 serio_raw pcspkr i2c_core nfs lockd grace sunrpc fscache ext4 crc16 mbcache jbd2 sd_mod crc_t10dif crct10dif_common ata_generic ata_piix virtio_balloon libata scsi_mod uhci_hcd usbcore virtio_pci virtio_ring virtio usb_common
[  886.155199] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G        W      3.17.0-netnext-05668-g876bc7f #272
[  886.155263] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  886.155304] task: ffffffff81a1d580 ti: ffffffff81a00000 task.ti: ffffffff81a00000
[  886.155356] RIP: 0010:[<ffffffff81384030>]  [<ffffffff81384030>] kfree_skb_list+0x10/0x30
[  886.155418] RSP: 0018:ffff880210603d48  EFLAGS: 00010206
[  886.155456] RAX: 0000000000000020 RBX: 0000000000000000 RCX: 0000000000000000
[  886.155504] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 004500084e000017
[  886.155553] RBP: ffff880210603d50 R08: 00000000fe13d1b6 R09: 0000000000000001
[  886.155601] R10: 0000000000000000 R11: 0000000000000000 R12: ffff880209ff2f00
[  886.155650] R13: ffff88020ac0fe40 R14: ffff880209ff2f00 R15: ffff8800da8e3a80
[  886.155699] FS:  0000000000000000(0000) GS:ffff880210600000(0000) knlGS:0000000000000000
[  886.155774] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  886.155814] CR2: 00007f0e0c925000 CR3: 0000000035e8b000 CR4: 00000000000006f0
[  886.155865] Stack:
[  886.155882]  0000000000000000 ffff880210603d78 ffffffff81383f79 ffff880209ff2f00
[  886.155942]  ffff88020b0c0b40 000000000000c000 ffff880210603d90 ffffffff81383faf
[  886.156001]  ffff880209ff2f00 ffff880210603da8 ffffffff8138406d ffff88020b1b08c0
[  886.156061] Call Trace:
[  886.156080]  <IRQ>
[  886.156095]
[  886.156112]  [<ffffffff81383f79>] skb_release_data+0xa9/0xc0
[  886.157656]  [<ffffffff81383faf>] skb_release_all+0x1f/0x30
[  886.159195]  [<ffffffff8138406d>] consume_skb+0x1d/0x40
[  886.160719]  [<ffffffff813942e5>] __dev_kfree_skb_any+0x35/0x40
[  886.162224]  [<ffffffffa02dc1d5>] enic_rq_service.constprop.47+0xe5/0x5a0 [enic]
[  886.163756]  [<ffffffffa02dc829>] enic_poll_msix_rq+0x199/0x370 [enic]
[  886.164730]  [<ffffffff81397e29>] net_rx_action+0x139/0x210
[  886.164730]  [<ffffffff8105fb2e>] __do_softirq+0x14e/0x280
[  886.164730]  [<ffffffff8105ff2e>] irq_exit+0x8e/0xb0
[  886.164730]  [<ffffffff8100fc1d>] do_IRQ+0x5d/0x100
[  886.164730]  [<ffffffff81496832>] common_interrupt+0x72/0x72

fixes: a03bb56e67 ("enic: implement rx_copybreak")
Signed-off-by: Govindarajulu Varadarajan <_govind@gmx.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-11-06 16:42:04 -05:00
..
appletalk net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
arcnet ARCNET: enable eae arcnet card support 2014-09-29 14:36:26 -04:00
bonding Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-10-08 21:40:54 -04:00
caif
can drivers/net/can/Kconfig: Let CAN_AT91 depend on HAS_IOMEM 2014-10-03 15:52:03 -07:00
cris
dsa dsa: mv88e6171: Fix tagging protocol/Kconfig 2014-10-28 15:27:54 -04:00
ethernet enic: handle error condition properly in enic_rq_indicate_buf 2014-11-06 16:42:04 -05:00
fddi defxx: DEFEA's ESIC port I/O decoding cleanup 2014-09-28 17:22:10 -04:00
hamradio
hippi PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
hyperv hyperv: Fix the total_data_buflen in send path 2014-10-22 17:58:50 -04:00
ieee802154 mrf24j40: use pr_* / dev_* instead of printk() 2014-09-24 14:14:42 +02:00
irda drivers/net/irda/Kconfig: Let SH_IRDA depend on HAS_IOMEM 2014-10-03 15:52:04 -07:00
phy net: phy: Add SGMII Configuration for Marvell 88E1145 Initialization 2014-10-28 17:00:22 -04:00
plip
ppp Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2014-10-13 11:28:42 +02:00
slip
team Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-08 16:22:22 -04:00
usb r8152: stop submitting intr for -EPROTO 2014-10-31 13:55:10 -04:00
vmxnet3 PCI changes for the v3.18 merge window: 2014-10-09 15:03:49 -04:00
wan net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
wimax kbuild: remove unnecessary "obj- := dummy.o" trick 2014-10-02 13:55:02 +02:00
wireless rtlwifi: rtl8192se: Fix firmware loading 2014-10-30 15:00:23 -04:00
xen-netback xen-netback: reintroduce guest Rx stall detection 2014-10-25 14:15:20 -04:00
dummy.c
eql.c net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
ifb.c net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
Kconfig drivers/net: macvtap and tun depend on INET 2014-10-30 23:50:26 -04:00
LICENSE.SRC
loopback.c net: better IFF_XMIT_DST_RELEASE support 2014-10-07 13:22:11 -04:00
macvlan.c macvlan: fix a race on port dismantle and possible skb leaks 2014-10-25 16:24:02 -04:00
macvtap.c macvtap: Fix csum_start when VLAN tags are present 2014-11-03 14:52:20 -05:00
Makefile net: reduce USB network driver config options. 2014-08-05 16:48:59 -07:00
mdio.c
mii.c
netconsole.c
nlmon.c
ntb_netdev.c
rionet.c
sb1000.c
Space.c
sungem_phy.c sungem: Fix global namespace pollution of phy accessors. 2014-08-27 23:07:12 -07:00
tun.c tun: Fix TUN_PKT_STRIP setting 2014-11-03 14:27:06 -05:00
veth.c
virtio_net.c drivers/net: Disable UFO through virtio 2014-10-30 20:01:18 -04:00
vxlan.c vxlan: fix a free after use 2014-10-17 16:23:58 -04:00
xen-netfront.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-10-18 09:31:37 -07:00