linux/drivers/net
Ross Lagerwall f599c64fdf xen-netfront: Fix race between device setup and open
When a netfront device is set up it registers a netdev fairly early on,
before it has set up the queues and is actually usable. A userspace tool
like NetworkManager will immediately try to open it and access its state
as soon as it appears. The bug can be reproduced by hotplugging VIFs
until the VM runs out of grant refs. It registers the netdev but fails
to set up any queues (since there are no more grant refs). In the
meantime, NetworkManager opens the device and the kernel crashes trying
to access the queues (of which there are none).

Fix this in two ways:
* For initial setup, register the netdev much later, after the queues
are setup. This avoids the race entirely.
* During a suspend/resume cycle, the frontend reconnects to the backend
and the queues are recreated. It is possible (though highly unlikely) to
race with something opening the device and accessing the queues after
they have been destroyed but before they have been recreated. Extend the
region covered by the rtnl semaphore to protect against this race. There
is a possibility that we fail to recreate the queues so check for this
in the open function.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
2018-02-06 09:55:40 +01:00
..
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
arcnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
bonding bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM 2017-11-28 15:56:40 -05:00
caif treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
can can: peak: fix potential bug in packet fragmentation 2018-01-16 15:33:15 +01:00
cris drivers/net: cris: Convert timers to use timer_setup() 2017-11-21 15:46:44 -08:00
dsa net: dsa: b53: Turn off Broadcom tags for more switches 2018-01-04 09:57:12 -05:00
ethernet r8169: fix memory corruption on retrieval of hardware statistics. 2018-01-25 21:34:04 -05:00
fddi License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fjes
hamradio treewide: Remove TIMER_FUNC_TYPE and TIMER_DATA_TYPE casts 2017-11-21 16:35:54 -08:00
hippi hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close 2017-12-13 14:52:57 -05:00
hyperv hv_netvsc: preserve hw_features on mtu/channels/ringparam changes 2017-11-16 10:49:00 +09:00
ieee802154 ieee802154: ca8210: use __func__ macro for debug messages 2017-11-06 16:39:14 +01:00
ipvlan ipvlan: Add the skb->mark as flow4's member to lookup route 2017-12-03 09:44:02 -05:00
phy mdio-sun4i: Fix a memory leak 2018-01-08 14:30:28 -05:00
plip net: plip: mark expected switch fall-throughs 2017-11-05 22:19:00 +09:00
ppp pppoe: take ->needed_headroom of lower device into account on xmit 2018-01-23 19:44:44 -05:00
slip treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
team Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
usb usbnet: silence an unnecessary warning 2018-01-22 15:32:09 -05:00
vmxnet3 vmxnet3: repair memory leak 2018-01-23 19:57:52 -05:00
wan Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-29 13:10:25 -08:00
wimax License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wireless wireless-drivers fixes for 4.15 2018-01-18 16:23:10 -05:00
xen-netback xen-netback: Fix logging message with spurious period after newline 2017-12-06 15:10:32 -05:00
dummy.c
eql.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
geneve.c net: don't call update_pmtu unconditionally 2018-01-25 16:27:34 -05:00
gtp.c
ifb.c
Kconfig
LICENSE.SRC
loopback.c
macsec.c genetlink: fix genlmsg_nlhdr() 2017-11-16 10:49:00 +09:00
macvlan.c macvlan: Fix one possible double free 2018-01-02 13:30:14 -05:00
macvtap.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-30 21:09:24 +09:00
Makefile Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
mdio.c
mii.c
netconsole.c netconsole: make config_item_type const 2017-10-19 16:15:20 +02:00
nlmon.c
ntb_netdev.c drivers/net: ntb_netdev: Convert timers to use timer_setup() 2017-11-01 12:38:45 +09:00
rionet.c
sb1000.c
Space.c
sungem_phy.c
tap.c tap: free skb if flags error 2017-12-02 21:31:03 -05:00
thunderbolt.c net: thunderbolt: Stop using zero to mean no valid DMA mapping 2017-11-25 23:56:02 +09:00
tun.c tun: fix a memory leak for tfile->tx_array 2018-01-17 15:08:28 -05:00
veth.c
virtio_net.c virtio: bugfixes 2017-12-08 12:58:51 -08:00
vrf.c net: vrf: Add support for sends to local broadcast address 2018-01-25 21:51:03 -05:00
vsockmon.c
vxlan.c net: don't call update_pmtu unconditionally 2018-01-25 16:27:34 -05:00
xen-netfront.c xen-netfront: Fix race between device setup and open 2018-02-06 09:55:40 +01:00