remarkable-linux/net
Hangbin Liu 138437f591 xfrm: move xfrm_garbage_collect out of xfrm_policy_flush
Now we will force garbage collection if any policy is removed in
xfrm_policy_flush(). But during xfrm_net_exit(), we call flow_cache_fini()
first and set fc->percpu to NULL. Then after we call xfrm_policy_fini()
-> xfrm_policy_flush() -> flow_cache_flush(), we will get a NULL pointer
dereference when checking percpu_empty. The code path looks like:

flow_cache_fini()
  - fc->percpu = NULL
xfrm_policy_fini()
  - xfrm_policy_flush()
    - xfrm_garbage_collect()
      - flow_cache_flush()
        - flow_cache_percpu_empty()
          - fcp = per_cpu_ptr(fc->percpu, cpu)

To reproduce, just add ipsec in netns and then remove the netns.

v2:
As Xin Long suggested, since only two other places need to call it, move
xfrm_garbage_collect() outside xfrm_policy_flush().

v3:
Fix subject mismatch after v2 fix.

Fixes: 35db069121 ("xfrm: do the garbage collection after flushing policy")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Reviewed-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2017-06-12 11:51:21 +02:00
..
6lowpan
9p xen: fixes for 4.12 rc2 2017-05-19 15:06:48 -07:00
802
8021q vlan: Keep NETIF_F_HW_CSUM similar to other software devices 2017-05-08 14:39:19 -04:00
appletalk
atm
ax25
batman-adv
bluetooth
bpf bpf: Align packet data properly in program testing framework. 2017-05-02 11:46:28 -04:00
bridge net: bridge: fix a null pointer dereference in br_afspec 2017-06-06 16:05:31 -04:00
caif
can
ceph libceph: cleanup old messages according to reconnect seq 2017-05-24 18:10:51 +02:00
core devlink: fix potential memort leak 2017-06-05 11:24:28 -04:00
dcb
dccp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-05-15 15:50:49 -07:00
decnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-05-09 15:42:31 -07:00
dns_resolver
dsa net: dsa: Fix stale cpu_switch reference after unbind then bind 2017-06-04 22:55:17 -04:00
ethernet
hsr
ieee802154
ife
ipv4 net: ping: do not abuse udp_poll() 2017-06-04 22:56:55 -04:00
ipv6 net/ipv6: Fix CALIPSO causing GPF with datagram support 2017-06-06 15:18:20 -04:00
ipx ipx: call ipxitf_put() in ioctl error path 2017-05-02 15:34:53 -04:00
irda
iucv
kcm
key xfrm: move xfrm_garbage_collect out of xfrm_policy_flush 2017-06-12 11:51:21 +02:00
l2tp
l3mdev
lapb
llc net: llc: add lock_sock in llc_ui_bind to avoid a race condition 2017-05-26 14:20:29 -04:00
mac80211 mac80211: fix dropped counter in multiqueue RX 2017-06-01 21:26:03 +02:00
mac802154
mpls mpls: fix clearing of dead nh_flags on link up 2017-05-31 14:48:24 -04:00
ncsi
netfilter netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize 2017-05-24 11:26:01 +02:00
netlabel
netlink netlink: don't send unknown nsid 2017-06-01 11:49:39 -04:00
netrom
nfc
openvswitch netfilter: introduce nf_conntrack_helper_put helper function 2017-05-15 12:42:29 +02:00
packet net/packet: fix missing net_device reference release 2017-05-15 14:22:12 -04:00
phonet
psample
qrtr
rds Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-05-02 16:40:27 -07:00
rfkill
rose
rxrpc
sched net: sched: cls_matchall: fix null pointer dereference 2017-05-22 14:54:16 -04:00
sctp sctp: fix ICMP processing if skb is non-linear 2017-05-26 14:40:46 -04:00
smc net/smc: Add warning about remote memory exposure 2017-05-16 14:49:43 -04:00
strparser
sunrpc SUNRPC: ensure correct error is reported by xs_tcp_setup_socket() 2017-05-31 12:26:44 -04:00
switchdev
tipc tipc: make macro tipc_wait_for_cond() smp safe 2017-05-11 22:19:30 -04:00
unix
vmw_vsock vsock: use new wait API for vsock_stream_sendmsg() 2017-05-22 14:39:36 -04:00
wimax
wireless cfg80211: make cfg80211_sched_scan_results() work from atomic context 2017-05-23 14:36:46 +02:00
x25 net: x25: fix one potential use-after-free issue 2017-05-18 10:05:40 -04:00
xfrm xfrm: move xfrm_garbage_collect out of xfrm_policy_flush 2017-06-12 11:51:21 +02:00
compat.c
Kconfig
Makefile
socket.c
sysctl_net.c