Home Home > GIT Browse
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJiri Slaby <jslaby@suse.cz>2019-05-17 06:38:43 +0200
committerJiri Slaby <jslaby@suse.cz>2019-05-17 06:38:50 +0200
commite09adbff452e90fdb81e1f1a8b37e66a60c6968e (patch)
tree5b10c51fd6e3169a152c79f79b62632c3ea08919
parent52f9ab5198507d3e95f1a8c92efe321fe0a44ea6 (diff)
packet: Fix error path in packet_init (bnc#1012628).
-rw-r--r--patches.kernel.org/5.1.3-024-packet-Fix-error-path-in-packet_init.patch93
-rw-r--r--series.conf1
2 files changed, 94 insertions, 0 deletions
diff --git a/patches.kernel.org/5.1.3-024-packet-Fix-error-path-in-packet_init.patch b/patches.kernel.org/5.1.3-024-packet-Fix-error-path-in-packet_init.patch
new file mode 100644
index 0000000000..cb238bde4e
--- /dev/null
+++ b/patches.kernel.org/5.1.3-024-packet-Fix-error-path-in-packet_init.patch
@@ -0,0 +1,93 @@
+From: YueHaibing <yuehaibing@huawei.com>
+Date: Thu, 9 May 2019 22:52:20 +0800
+Subject: [PATCH] packet: Fix error path in packet_init
+References: bnc#1012628
+Patch-mainline: 5.1.3
+Git-commit: 36096f2f4fa05f7678bc87397665491700bae757
+
+[ Upstream commit 36096f2f4fa05f7678bc87397665491700bae757 ]
+
+kernel BUG at lib/list_debug.c:47!
+invalid opcode: 0000 [#1
+CPU: 0 PID: 12914 Comm: rmmod Tainted: G W 5.1.0+ #47
+Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org 04/01/2014
+RIP: 0010:__list_del_entry_valid+0x53/0x90
+Code: 48 8b 32 48 39 fe 75 35 48 8b 50 08 48 39 f2 75 40 b8 01 00 00 00 5d c3 48
+89 fe 48 89 c2 48 c7 c7 18 75 fe 82 e8 cb 34 78 ff <0f> 0b 48 89 fe 48 c7 c7 50 75 fe 82 e8 ba 34 78 ff 0f 0b 48 89 f2
+RSP: 0018:ffffc90001c2fe40 EFLAGS: 00010286
+RAX: 000000000000004e RBX: ffffffffa0184000 RCX: 0000000000000000
+RDX: 0000000000000000 RSI: ffff888237a17788 RDI: 00000000ffffffff
+RBP: ffffc90001c2fe40 R08: 0000000000000000 R09: 0000000000000000
+R10: ffffc90001c2fe10 R11: 0000000000000000 R12: 0000000000000000
+R13: ffffc90001c2fe50 R14: ffffffffa0184000 R15: 0000000000000000
+FS: 00007f3d83634540(0000) GS:ffff888237a00000(0000) knlGS:0000000000000000
+CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+CR2: 0000555c350ea818 CR3: 0000000231677000 CR4: 00000000000006f0
+Call Trace:
+ unregister_pernet_operations+0x34/0x120
+ unregister_pernet_subsys+0x1c/0x30
+ packet_exit+0x1c/0x369 [af_packet
+ __x64_sys_delete_module+0x156/0x260
+ ? lockdep_hardirqs_on+0x133/0x1b0
+ ? do_syscall_64+0x12/0x1f0
+ do_syscall_64+0x6e/0x1f0
+ entry_SYSCALL_64_after_hwframe+0x49/0xbe
+
+When modprobe af_packet, register_pernet_subsys
+fails and does a cleanup, ops->list is set to LIST_POISON1,
+but the module init is considered to success, then while rmmod it,
+BUG() is triggered in __list_del_entry_valid which is called from
+unregister_pernet_subsys. This patch fix error handing path in
+packet_init to avoid possilbe issue if some error occur.
+
+Reported-by: Hulk Robot <hulkci@huawei.com>
+Signed-off-by: YueHaibing <yuehaibing@huawei.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ net/packet/af_packet.c | 25 ++++++++++++++++++++-----
+ 1 file changed, 20 insertions(+), 5 deletions(-)
+
+diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
+index 9b81813dd16a..59da6f5b717d 100644
+--- a/net/packet/af_packet.c
++++ b/net/packet/af_packet.c
+@@ -4603,14 +4603,29 @@ static void __exit packet_exit(void)
+
+ static int __init packet_init(void)
+ {
+- int rc = proto_register(&packet_proto, 0);
++ int rc;
+
+- if (rc != 0)
++ rc = proto_register(&packet_proto, 0);
++ if (rc)
+ goto out;
++ rc = sock_register(&packet_family_ops);
++ if (rc)
++ goto out_proto;
++ rc = register_pernet_subsys(&packet_net_ops);
++ if (rc)
++ goto out_sock;
++ rc = register_netdevice_notifier(&packet_netdev_notifier);
++ if (rc)
++ goto out_pernet;
+
+- sock_register(&packet_family_ops);
+- register_pernet_subsys(&packet_net_ops);
+- register_netdevice_notifier(&packet_netdev_notifier);
++ return 0;
++
++out_pernet:
++ unregister_pernet_subsys(&packet_net_ops);
++out_sock:
++ sock_unregister(PF_PACKET);
++out_proto:
++ proto_unregister(&packet_proto);
+ out:
+ return rc;
+ }
+--
+2.21.0
+
diff --git a/series.conf b/series.conf
index e2c1cb517f..04a5131554 100644
--- a/series.conf
+++ b/series.conf
@@ -109,6 +109,7 @@
patches.kernel.org/5.1.3-021-net-macb-Change-interrupt-and-napi-enable-order.patch
patches.kernel.org/5.1.3-022-net-seeq-fix-crash-caused-by-not-set-dev.parent.patch
patches.kernel.org/5.1.3-023-net-ucc_geth-fix-Oops-when-changing-number-of-b.patch
+ patches.kernel.org/5.1.3-024-packet-Fix-error-path-in-packet_init.patch
########################################################
# Build fixes that apply to the vanilla kernel too.