redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/net
History
Eric Dumazet 981f20bc75 soreuseport: fix mem leak in reuseport_add_sock() 
[ Upstream commit 4db428a7c9 ]

reuseport_add_sock() needs to deal with attaching a socket having
its own sk_reuseport_cb, after a prior
setsockopt(SO_ATTACH_REUSEPORT_?BPF)

Without this fix, not only a WARN_ONCE() was issued, but we were also
leaking memory.

Thanks to sysbot and Eric Biggers for providing us nice C repros.

------------[ cut here ]------------
socket already in reuseport group
WARNING: CPU: 0 PID: 3496 at net/core/sock_reuseport.c:119  
reuseport_add_sock+0x742/0x9b0 net/core/sock_reuseport.c:117
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 3496 Comm: syzkaller869503 Not tainted 4.15.0-rc6+ #245
Hardware name: Google Google Compute Engine/Google Compute Engine,
BIOS  
Google 01/01/2011
Call Trace:
  __dump_stack lib/dump_stack.c:17 [inline]
  dump_stack+0x194/0x257 lib/dump_stack.c:53
  panic+0x1e4/0x41c kernel/panic.c:183
  __warn+0x1dc/0x200 kernel/panic.c:547
  report_bug+0x211/0x2d0 lib/bug.c:184
  fixup_bug.part.11+0x37/0x80 arch/x86/kernel/traps.c:178
  fixup_bug arch/x86/kernel/traps.c:247 [inline]
  do_error_trap+0x2d7/0x3e0 arch/x86/kernel/traps.c:296
  do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:315
  invalid_op+0x22/0x40 arch/x86/entry/entry_64.S:1079

Fixes: ef456144da ("soreuseport: define reuseport groups")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot+c0ea2226f77a42936bf7@syzkaller.appspotmail.com
Acked-by: Craig Gallek <kraig@google.com>

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2018-02-13 10:19:48 +01:00
..
6lowpan License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
9p net/9p: Switch to wait_event_killable() 2017-11-30 08:40:49 +00:00
802 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
8021q 8021q: fix a memory leak for VLAN 0 device 2018-01-17 09:45:20 +01:00
appletalk License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
atm License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ax25 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-08-09 16:28:45 -07:00
bluetooth Bluetooth: Prevent stack info leak from the EFS element. 2018-01-17 09:45:26 +01:00
bpf bpf: Align packet data properly in program testing framework. 2017-05-02 11:46:28 -04:00
bridge net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks 2018-01-02 20:31:09 +01:00
caif License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
can can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once 2018-01-23 19:58:17 +01:00
ceph libceph: don't WARN() if user tries to add invalid key 2017-11-30 08:40:45 +00:00
core soreuseport: fix mem leak in reuseport_add_sock() 2018-02-13 10:19:48 +01:00
dcb rtnetlink: make rtnl_register accept a flags parameter 2017-08-09 16:57:38 -07:00
dccp dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state 2018-01-31 14:03:44 +01:00
decnet License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dns_resolver KEYS: Fix race between updating and finding a negative key 2017-10-18 09:12:40 +01:00
dsa net: dsa: return after vlan prepare phase 2017-11-11 15:45:09 +09:00
ethernet networking: make skb_push & __skb_push return void pointers 2017-06-16 11:48:40 -04:00
hsr net/hsr: Check skb_put_padto() return value 2017-08-22 13:40:23 -07:00
ieee802154 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ife MAINTAINERS: Update Yotam's E-mail 2017-11-01 12:19:03 +09:00
ipv4 tcp_bbr: fix pacing_gain to always be unity when using lt_bw 2018-02-13 10:19:48 +01:00
ipv6 ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only 2018-02-13 10:19:48 +01:00
ipx License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iucv iucv: Convert sk_wmem_alloc accesses to refcount_t. 2017-07-03 02:31:22 -07:00
kcm fix kcm_clone() 2017-12-17 15:07:59 +01:00
key af_key: fix buffer overread in parse_exthdrs() 2018-01-23 19:58:12 +01:00
l2tp l2tp: cleanup l2tp_tunnel_delete calls 2017-12-20 10:10:31 +01:00
l3mdev
lapb net, lapb: convert lapb_cb.refcnt from atomic_t to refcount_t 2017-07-04 22:35:16 +01:00
llc License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mac80211 mac80211: fix the update of path metric for RANN frame 2018-02-03 17:39:03 +01:00
mac802154 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mpls License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ncsi net/ncsi: Fix length of GVI response packet 2017-10-21 01:56:38 +01:00
netfilter netfilter: xt_osf: Add missing permission checks 2018-01-31 14:03:41 +01:00
netlabel License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netlink netlink: reset extack earlier in netlink_rcv_skb 2018-01-31 14:03:48 +01:00
netrom net, netrom: convert nr_node.refcount from atomic_t to refcount_t 2017-07-04 22:35:17 +01:00
nfc NFC: fix device-allocation error return 2017-11-30 08:40:55 +00:00
nsh nsh: add GSO support 2017-08-29 15:16:52 -07:00
openvswitch openvswitch: fix the incorrect flow action alloc size 2018-02-03 17:39:03 +01:00
packet net/packet: fix a race in packet_bind() and packet_notifier() 2017-12-17 15:07:56 +01:00
phonet License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
psample MAINTAINERS: Update Yotam's E-mail 2017-11-01 12:19:03 +09:00
qrtr qrtr: Move to postcore_initcall 2017-11-08 14:32:18 +09:00
rds RDS: null pointer dereference in rds_atomic_free_op 2018-01-17 09:45:21 +01:00
rfkill net: rfkill: gpio: Switch to devm_acpi_dev_add_driver_gpios() 2017-06-13 11:07:51 +02:00
rose net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
rxrpc rxrpc: Fix service endpoint expiry 2018-02-03 17:39:01 +01:00
sched net/sched: Fix update of lastuse in act modules implementing stats_update 2018-01-17 09:45:22 +01:00
sctp sctp: set sender next_tsn for the old result with ctsn_ack_point plus 1 2018-02-03 17:39:04 +01:00
smc net/smc: use sk_rcvbuf as start for rmb creation 2017-12-14 09:53:05 +01:00
strparser strparser: Use delayed work instead of timer for msg timeout 2017-10-25 10:37:11 +09:00
sunrpc SUNRPC: Allow connect to return EHOSTUNREACH 2018-02-03 17:39:11 +01:00
switchdev net: switchdev: Remove bridge bypass support from switchdev 2017-08-07 14:48:48 -07:00
tipc tipc: fix a memory leak in tipc_nl_node_get_link() 2018-01-31 14:03:46 +01:00
tls tls: reset crypto_info when do_tls_setsockopt_tx fails 2018-01-31 14:03:48 +01:00
unix License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
vmw_vsock License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wimax License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wireless nl80211: Sanitize array index in parse_txq_params 2018-02-07 11:12:23 -08:00
x25 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm xfrm: Fix a race in the xdst pcpu cache. 2018-01-31 14:03:41 +01:00
Kconfig net: Remove CONFIG_NETFILTER_DEBUG and _ASSERT() macros. 2017-09-04 13:25:20 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compat.c net: compat: assert the size of cmsg copied in is as expected 2017-09-20 15:36:18 -07:00
socket.c bpf: introduce BPF_JIT_ALWAYS_ON config 2018-01-31 14:03:49 +01:00
sysctl_net.c sysctl: Remove dead register_sysctl_root 2017-04-16 23:42:49 -05:00