AcoSail/kernel_optimize_test
8
0
Fork 0
forked from luck/tmp_suning_uos_patched
Code Pull Requests Activity
982,277 Commits 7 Branches 0 Tags 1.9 GiB
C 98%
Assembly 1.1%
Shell 0.3%
Makefile 0.3%
Python 0.1%
Other 0.1%
61a89d0a5b
Go to file
Xin Long 61a89d0a5b sctp: check asoc strreset_chunk in sctp_generate_reconf_event 
[ Upstream commit 165e3e17fe8fe6a8aab319bc6e631a2e23b9a857 ]

A null pointer reference issue can be triggered when the response of a
stream reconf request arrives after the timer is triggered, such as:

  send Incoming SSN Reset Request --->
  CPU0:
   reconf timer is triggered,
   go to the handler code before hold sk lock
                            <--- reply with Outgoing SSN Reset Request
  CPU1:
   process Outgoing SSN Reset Request,
   and set asoc->strreset_chunk to NULL
  CPU0:
   continue the handler code, hold sk lock,
   and try to hold asoc->strreset_chunk, crash!

In Ying Xu's testing, the call trace is:

  [ ] BUG: kernel NULL pointer dereference, address: 0000000000000010
  [ ] RIP: 0010:sctp_chunk_hold+0xe/0x40 [sctp]
  [ ] Call Trace:
  [ ]  <IRQ>
  [ ]  sctp_sf_send_reconf+0x2c/0x100 [sctp]
  [ ]  sctp_do_sm+0xa4/0x220 [sctp]
  [ ]  sctp_generate_reconf_event+0xbd/0xe0 [sctp]
  [ ]  call_timer_fn+0x26/0x130

This patch is to fix it by returning from the timer handler if asoc
strreset_chunk is already set to NULL.

Fixes: 7b9438de0c ("sctp: add stream reconf timer")
Reported-by: Ying Xu <yinxu@redhat.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-05-09 09:05:03 +02:00
arch ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 2022-05-09 09:05:02 +02:00
block iocost: don't reset the inuse weight of under-weighted debtors 2022-05-09 09:05:00 +02:00
certs certs: Trigger creation of RSA module signing key if it's not an RSA key 2021-09-15 09:50:29 +02:00
crypto crypto: authenc - Fix sleep in atomic context in decrypt_tail 2022-04-08 14:39:59 +02:00
Documentation ext4, doc: fix incorrect h_reserved size 2022-04-27 13:53:57 +02:00
drivers wireguard: device: check for metadata_dst with skb_valid_dst() 2022-05-09 09:05:03 +02:00
fs jbd2: fix a potential race while discarding reserved buffers after an abort 2022-04-27 13:53:57 +02:00
include tcp: ensure to use the most recently sent skb when filling the rate sample 2022-05-09 09:05:03 +02:00
init init/main.c: return 1 from handled __setup() functions 2022-04-13 21:01:01 +02:00
ipc shm: extend forced shm destroy to support objects from several IPC nses 2021-12-01 09:19:10 +01:00
kernel perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled 2022-04-27 13:53:56 +02:00
lib hex2bin: fix access beyond string end 2022-05-09 09:04:59 +02:00
LICENSES LICENSES/deprecated: add Zlib license text 2020-09-16 14:33:49 +02:00
mm mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() 2022-04-27 13:53:54 +02:00
net sctp: check asoc strreset_chunk in sctp_generate_reconf_event 2022-05-09 09:05:03 +02:00
samples samples/bpf, xdpsock: Fix race when running for fix duration of time 2022-04-08 14:40:21 +02:00
scripts gcc-plugins: latent_entropy: use /dev/urandom 2022-04-20 09:23:26 +02:00
security Fix incorrect type in assignment of ipv6 port for audit 2022-04-08 14:40:31 +02:00
sound ASoC: soc-dapm: fix two incorrect uses of list iterator 2022-04-27 13:53:55 +02:00
tools perf report: Set PERF_SAMPLE_DATA_SRC bit for Arm SPE event 2022-04-27 13:53:56 +02:00
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage 2022-02-01 17:25:48 +01:00
virt KVM: Prevent module exit until all VMs are freed 2022-04-08 14:40:38 +02:00
.clang-format RDMA 5.10 pull request 2020-10-17 11:18:18 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: generate Module.symvers only when vmlinux exists 2021-05-19 10:12:59 +02:00
.mailmap mailmap: add two more addresses of Uwe Kleine-König 2020-12-06 10:19:07 -08:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Jason Cooper to CREDITS 2020-11-30 10:20:34 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal 2021-12-14 11:32:46 +01:00
Makefile Linux 5.10.113 2022-04-27 13:53:58 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.