2
0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-09-04 20:19:47 +08:00
linux/drivers/net/ethernet/qualcomm/rmnet
Subash Abhinov Kasiviswanathan d02854dc19 net: qualcomm: rmnet: Fix incorrect assignment of real_dev
A null dereference was observed when a sysctl was being set
from userspace and rmnet was stuck trying to complete some actions
in the NETDEV_REGISTER callback. This is because the real_dev is set
only after the device registration handler completes.

sysctl call stack -

<6> Unable to handle kernel NULL pointer dereference at
    virtual address 00000108
<2> pc : rmnet_vnd_get_iflink+0x1c/0x28
<2> lr : dev_get_iflink+0x2c/0x40
<2>  rmnet_vnd_get_iflink+0x1c/0x28
<2>  inet6_fill_ifinfo+0x15c/0x234
<2>  inet6_ifinfo_notify+0x68/0xd4
<2>  ndisc_ifinfo_sysctl_change+0x1b8/0x234
<2>  proc_sys_call_handler+0xac/0x100
<2>  proc_sys_write+0x3c/0x4c
<2>  __vfs_write+0x54/0x14c
<2>  vfs_write+0xcc/0x188
<2>  SyS_write+0x60/0xc0
<2>  el0_svc_naked+0x34/0x38

device register call stack -

<2>  notifier_call_chain+0x84/0xbc
<2>  raw_notifier_call_chain+0x38/0x48
<2>  call_netdevice_notifiers_info+0x40/0x70
<2>  call_netdevice_notifiers+0x38/0x60
<2>  register_netdevice+0x29c/0x3d8
<2>  rmnet_vnd_newlink+0x68/0xe8
<2>  rmnet_newlink+0xa0/0x160
<2>  rtnl_newlink+0x57c/0x6c8
<2>  rtnetlink_rcv_msg+0x1dc/0x328
<2>  netlink_rcv_skb+0xac/0x118
<2>  rtnetlink_rcv+0x24/0x30
<2>  netlink_unicast+0x158/0x1f0
<2>  netlink_sendmsg+0x32c/0x338
<2>  sock_sendmsg+0x44/0x60
<2>  SyS_sendto+0x150/0x1ac
<2>  el0_svc_naked+0x34/0x38

Fixes: b752eff5be ("net: qualcomm: rmnet: Implement ndo_get_iflink")
Signed-off-by: Sean Tranchetti <stranche@codeaurora.org>
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-11-09 19:45:48 -08:00
..
Kconfig net: qualcomm: rmnet: Add support for GRO 2017-10-28 00:10:23 +09:00
Makefile
rmnet_config.c net: qualcomm: rmnet: Fix warning seen with fill_info 2018-04-18 21:23:06 -04:00
rmnet_config.h net: qualcomm: rmnet: Add support for ethtool private stats 2018-05-16 14:23:04 -04:00
rmnet_handlers.c net: qualcomm: rmnet: Fix incorrect allocation flag in receive path 2018-10-02 22:16:00 -07:00
rmnet_handlers.h net: qualcomm: rmnet: Remove duplicate setting of rmnet private info 2017-10-11 20:05:30 -07:00
rmnet_map_command.c net: qualcomm: rmnet: Fix use after free while sending command ack 2018-06-05 10:17:05 -04:00
rmnet_map_data.c net: qualcomm: rmnet: Add support for ethtool private stats 2018-05-16 14:23:04 -04:00
rmnet_map.h net: qualcomm: rmnet: Update copyright year to 2018 2018-03-22 15:00:44 -04:00
rmnet_private.h net: qualcomm: rmnet: Export mux_id and flags to netlink 2018-03-22 15:00:44 -04:00
rmnet_vnd.c net: qualcomm: rmnet: Fix incorrect assignment of real_dev 2018-11-09 19:45:48 -08:00
rmnet_vnd.h net: qualcomm: rmnet: Convert the muxed endpoint to hlist 2017-10-11 20:05:30 -07:00