author Denis Kirjanov <dkirjanov@suse.com> 2019-05-02 13:49:28 +0200
committer Denis Kirjanov <dkirjanov@suse.com> 2019-05-02 13:49:43 +0200
commit 323fc5aa65417281d959315d86b93ce206b4dbcd
tree 2f038a5f40ed2a4a57b1247274809c1e3d9a791e
parent e25c55dbb7b589a8290529593acc3f7f0ee555b3
xfrm: do not call rcu_read_unlock when afinfo is NULL in
xfrm_get_tos (git-fixes).
-rw-r--r-- patches.fixes/0008-xfrm-do-not-call-rcu_read_unlock-when-afinfo-is-NULL.patch 43
-rw-r--r-- series.conf 1
2 files changed, 44 insertions, 0 deletions
diff --git a/patches.fixes/0008-xfrm-do-not-call-rcu_read_unlock-when-afinfo-is-NULL.patch b/patches.fixes/0008-xfrm-do-not-call-rcu_read_unlock-when-afinfo-is-NULL.patch
new file mode 100644
index 0000000000..315aff42cd
--- /dev/null
+++ b/patches.fixes/0008-xfrm-do-not-call-rcu_read_unlock-when-afinfo-is-NULL.patch
@@ -0,0 +1,43 @@
+From: Xin Long <lucien.xin@gmail.com>
+Subject: xfrm: do not call rcu_read_unlock when afinfo is NULL
+ in xfrm_get_tos
+Patch-mainline: v4.16-rc7
+Git-commit: 143a4454daaf0e80a2b9f37159a0d6d2b61e64ed
+References: git-fixes
+
+When xfrm_policy_get_afinfo returns NULL, it will not hold rcu
+read lock. In this case, rcu_read_unlock should not be called
+in xfrm_get_tos, just like other places where it's calling
+xfrm_policy_get_afinfo.
+
+Fixes: f5e2bb4f5b22 ("xfrm: policy: xfrm_get_tos cannot fail")
+Signed-off-by: Xin Long <lucien.xin@gmail.com>
+Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
+Acked-by: Denis Kirjanov <dkirjanov@suse.com>
+---
+ net/xfrm/xfrm_policy.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
+index 2f16ab3ecc88..70ed1f452941 100644
+--- a/net/xfrm/xfrm_policy.c
++++ b/net/xfrm/xfrm_policy.c
+@@ -1536,10 +1536,13 @@ xfrm_tmpl_resolve(struct xfrm_policy **pols, int npols, const struct flowi *fl,
+ static int xfrm_get_tos(const struct flowi *fl, int family)
+ {
+ const struct xfrm_policy_afinfo *afinfo;
+- int tos = 0;
++ int tos;
+
+ afinfo = xfrm_policy_get_afinfo(family);
+- tos = afinfo ? afinfo->get_tos(fl) : 0;
++ if (!afinfo)
++ return 0;
++
++ tos = afinfo->get_tos(fl);
+
+ rcu_read_unlock();
+
+--
+2.12.3
+
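Review bot: in the embedded xfrm_get_tos() change, the new "if (!afinfo) return 0;" path leaves the function without rcu_read_unlock() while the normal path still calls it, and nothing in the code says why the two paths differ. The patch description gives the reason (xfrm_policy_get_afinfo does not hold the RCU read lock when it returns NULL), so a one-line comment above the early return stating that would keep a later cleanup from funnelling both paths back through the unlock and reintroducing the unbalanced rcu_read_unlock().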
diff --git a/series.conf b/series.conf
index 29cac56021..4ad3230fe6 100644
--- a/series.conf
+++ b/series.conf
@@ -14299,6 +14299,7 @@
patches.suse/net-ipv6-keep-sk-status-consistent-after-datagram-co.patch
patches.drivers/Revert-e1000e-Separate-signaling-for-link-check-link.patch
patches.drivers/e1000e-Fix-link-check-race-condition.patch
+ patches.fixes/0008-xfrm-do-not-call-rcu_read_unlock-when-afinfo-is-NULL.patch
patches.drivers/qed-Use-after-free-in-qed_rdma_free.patch
patches.suse/net-use-skb_to_full_sk-in-skb_update_prio.patch
patches.suse/soc-fsl-qbman-fix-issue-in-qman_delete_cgr_safe.patch
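Review bot: the new series.conf entry is placed mid-series, after patches.drivers/e1000e-Fix-link-check-race-condition.patch, but the commit message does not say whether the commit named in the patch's Fixes: tag, f5e2bb4f5b22, is already carried in this tree. Please confirm that it is and that it is applied before this entry, since the fix only applies once xfrm_get_tos has the form shown in the patch's removed lines.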