xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
94d9f1c5906b20053efe375b6d66610bca4b8b64
android_kernel_xiaomi_sm8450/net/ipv4
History
David Forster 94d9f1c590 ipv4: panic in leaf_walk_rcu due to stale node pointer 
Panic occurs when issuing "cat /proc/net/route" whilst
populating FIB with > 1M routes.

Use of cached node pointer in fib_route_get_idx is unsafe.

 BUG: unable to handle kernel paging request at ffffc90001630024
 IP: [<ffffffff814cf6a0>] leaf_walk_rcu+0x10/0xe0
 PGD 11b08d067 PUD 11b08e067 PMD dac4b067 PTE 0
 Oops: 0000 [#1] SMP
 Modules linked in: nfsd auth_rpcgss oid_registry nfs_acl nfs lockd grace fscac
 snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep virti
 acpi_cpufreq button parport_pc ppdev lp parport autofs4 ext4 crc16 mbcache jbd
tio_ring virtio floppy uhci_hcd ehci_hcd usbcore usb_common libata scsi_mod
 CPU: 1 PID: 785 Comm: cat Not tainted 4.2.0-rc8+ #4
 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007
 task: ffff8800da1c0bc0 ti: ffff88011a05c000 task.ti: ffff88011a05c000
 RIP: 0010:[<ffffffff814cf6a0>]  [<ffffffff814cf6a0>] leaf_walk_rcu+0x10/0xe0
 RSP: 0018:ffff88011a05fda0  EFLAGS: 00010202
 RAX: ffff8800d8a40c00 RBX: ffff8800da4af940 RCX: ffff88011a05ff20
 RDX: ffffc90001630020 RSI: 0000000001013531 RDI: ffff8800da4af950
 RBP: 0000000000000000 R08: ffff8800da1f9a00 R09: 0000000000000000
 R10: ffff8800db45b7e4 R11: 0000000000000246 R12: ffff8800da4af950
 R13: ffff8800d97a74c0 R14: 0000000000000000 R15: ffff8800d97a7480
 FS:  00007fd3970e0700(0000) GS:ffff88011fd00000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
 CR2: ffffc90001630024 CR3: 000000011a7e4000 CR4: 00000000000006e0
 Stack:
  ffffffff814d00d3 0000000000000000 ffff88011a05ff20 ffff8800da1f9a00
  ffffffff811dd8b9 0000000000000800 0000000000020000 00007fd396f35000
  ffffffff811f8714 0000000000003431 ffffffff8138dce0 0000000000000f80
 Call Trace:
  [<ffffffff814d00d3>] ? fib_route_seq_start+0x93/0xc0
  [<ffffffff811dd8b9>] ? seq_read+0x149/0x380
  [<ffffffff811f8714>] ? fsnotify+0x3b4/0x500
  [<ffffffff8138dce0>] ? process_echoes+0x70/0x70
  [<ffffffff8121cfa7>] ? proc_reg_read+0x47/0x70
  [<ffffffff811bb823>] ? __vfs_read+0x23/0xd0
  [<ffffffff811bbd42>] ? rw_verify_area+0x52/0xf0
  [<ffffffff811bbe61>] ? vfs_read+0x81/0x120
  [<ffffffff811bcbc2>] ? SyS_read+0x42/0xa0
  [<ffffffff81549ab2>] ? entry_SYSCALL_64_fastpath+0x16/0x75
 Code: 48 85 c0 75 d8 f3 c3 31 c0 c3 f3 c3 66 66 66 66 66 66 2e 0f 1f 84 00 00
a 04 89 f0 33 02 44 89 c9 48 d3 e8 0f b6 4a 05 49 89
 RIP  [<ffffffff814cf6a0>] leaf_walk_rcu+0x10/0xe0
  RSP <ffff88011a05fda0>
 CR2: ffffc90001630024

Signed-off-by: Dave Forster <dforster@brocade.com>
Acked-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-08-06 00:10:05 -04:00
..
netfilter
netfilter: x_tables: speed up jump target validation
2016-07-18 21:35:23 +02:00
af_inet.c
ipv4: af_inet: make it explicitly non-modular
2016-07-11 22:44:26 -07:00
ah4.c
ah4: Fix error return in ah_input().
2015-08-25 13:38:50 -07:00
arp.c
net: rename NET_{ADD|INC}_STATS_BH()
2016-04-27 22:48:24 -04:00
cipso_ipv4.c
Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux into next
2016-07-07 10:15:34 +10:00
datagram.c
net: Set sk_txhash from a random number
2015-07-29 22:44:04 -07:00
devinet.c
ipv4: do not abuse GFP_ATOMIC in inet_netconf_notify_devconf()
2016-07-09 18:12:25 -04:00
esp4.c
esp: Fix ESN generation under UDP encapsulation
2016-06-23 11:52:00 -04:00
fib_frontend.c
net: vrf: Create FIB tables on link create
2016-05-06 15:51:47 -04:00
fib_lookup.h
ipv4: consider TOS in fib_select_default
2015-07-24 22:46:11 -07:00
fib_rules.c
net: Add l3mdev rule
2016-06-08 11:36:02 -07:00
fib_semantics.c
ipv4: reject RTNH_F_DEAD and RTNH_F_LINKDOWN from user space
2016-07-11 13:41:09 -07:00
fib_trie.c
ipv4: panic in leaf_walk_rcu due to stale node pointer
2016-08-06 00:10:05 -04:00
fou.c
gue: Implement direction IP encapsulation
2016-06-07 23:51:14 -07:00
gre_demux.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-06-30 05:03:36 -04:00
gre_offload.c
gso: Remove arbitrary checks for unsupported GSO
2016-05-20 18:03:15 -04:00
icmp.c
net: icmp: rename ICMPMSGIN_INC_STATS_BH()
2016-04-27 22:48:23 -04:00
igmp.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-03-08 12:34:12 -05:00
inet_connection_sock.c
timers, net/ipv4/inet: Initialize connection request timers as pinned
2016-07-07 10:35:06 +02:00
inet_diag.c
net: diag: Add support to filter on device index
2016-06-28 05:25:04 -04:00
inet_fragment.c
net: disable fragment reassembly if high_thresh is zero
2016-06-05 22:56:42 -04:00
inet_hashtables.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-05-04 00:52:29 -04:00
inet_timewait_sock.c
timers, net/ipv4/inet: Initialize connection request timers as pinned
2016-07-07 10:35:06 +02:00
inetpeer.c
net: Add helper function to compare inetpeer addresses
2015-08-28 13:32:36 -07:00
ip_forward.c
net/ipv4: Introduce IPSKB_FRAG_SEGS bit to inet_skb_parm.flags
2016-07-19 16:40:22 -07:00
ip_fragment.c
net: rename IP_INC_STATS_BH()
2016-04-27 22:48:23 -04:00
ip_gre.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-06-30 05:03:36 -04:00
ip_input.c
net: original ingress device index in PKTINFO
2016-05-11 19:31:40 -04:00
ip_options.c
net: ipv4: Convert IP network timestamps to be y2038 safe
2016-03-01 17:18:44 -05:00
ip_output.c
net/ipv4: Introduce IPSKB_FRAG_SEGS bit to inet_skb_parm.flags
2016-07-19 16:40:22 -07:00
ip_sockglue.c
sock: propagate __sock_cmsg_send() error
2016-05-16 13:46:23 -04:00
ip_tunnel_core.c
net: ip_finish_output_gso: If skb_gso_network_seglen exceeds MTU, allow segmentation for local udp tunneled skbs
2016-07-19 16:40:22 -07:00
ip_tunnel.c
net: ipv4: Add ability to have GRE ignore DF bit in IPv4 payloads
2016-06-15 21:39:59 -07:00
ip_vti.c
vti: Add pmtu handling to vti_xmit.
2016-03-31 08:59:56 +02:00
ipcomp.c
ipv4: coding style: comparison for equality with NULL
2015-04-03 12:11:15 -04:00
ipconfig.c
ipconfig: Protect ic_addrservaddr with IPCONFIG_DYNAMIC.
2016-06-11 20:40:24 -07:00
ipip.c
ipip: support MPLS over IPv4
2016-07-09 17:45:56 -04:00
ipmr.c
net: ipmr/ip6mr: update lastuse on entry change
2016-07-26 15:18:31 -07:00
Kconfig
tcp: add NV congestion control
2016-06-10 23:07:49 -07:00
Makefile
tcp: add NV congestion control
2016-06-10 23:07:49 -07:00
netfilter.c
ipv4: Pass struct net into ip_route_me_harder
2015-09-29 20:21:32 +02:00
ping.c
sock: enable timestamping using control messages
2016-04-04 15:50:30 -04:00
proc.c
ipv4: Namespaceify ip_default_ttl sysctl knob
2016-02-16 20:42:54 -05:00
protocol.c
net: Export inet_offloads and inet6_offloads
2014-09-19 17:15:31 -04:00
raw.c
sock: enable timestamping using control messages
2016-04-04 15:50:30 -04:00
route.c
net: l3mdev: Allow send on enslaved interface
2016-05-09 22:33:52 -04:00
syncookies.c
net: rename NET_{ADD|INC}_STATS_BH()
2016-04-27 22:48:24 -04:00
sysctl_net_ipv4.c
ipv4: Fix non-initialized TTL when CONFIG_SYSCTL=n
2016-05-23 14:32:06 -07:00
tcp_bic.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_cdg.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_cong.c
tcp: remove tcp_ecn_make_synack() socket argument
2015-09-25 13:00:38 -07:00
tcp_cubic.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_dctcp.c
tcp: return sizeof tcp_dctcp_info in dctcp_get_info()
2016-06-14 23:46:30 -07:00
tcp_diag.c
net: diag: Support destroying TCP sockets.
2015-12-15 23:26:52 -05:00
tcp_fastopen.c
tcp: do not assume TCP code is non preemptible
2016-05-02 17:02:25 -04:00
tcp_highspeed.c
tcp: add tcp_in_slow_start helper
2015-07-09 14:22:52 -07:00
tcp_htcp.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_hybla.c
tcp: do not slow start when cwnd equals ssthresh
2015-07-09 14:22:52 -07:00
tcp_illinois.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_input.c
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2016-07-29 17:38:46 -07:00
tcp_ipv4.c
tcp: md5: use kmalloc() backed scratch areas
2016-07-01 04:02:55 -04:00
tcp_lp.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_metrics.c
libnl: nla_put_msecs(): align on a 64-bit area
2016-04-23 20:13:24 -04:00
tcp_minisocks.c
tcp: do not assume TCP code is non preemptible
2016-05-02 17:02:25 -04:00
tcp_nv.c
tcp: add NV congestion control
2016-06-10 23:07:49 -07:00
tcp_offload.c
gso: Remove arbitrary checks for unsupported GSO
2016-05-20 18:03:15 -04:00
tcp_output.c
tcp: consider recv buf for the initial window scale
2016-07-30 21:21:57 -07:00
tcp_probe.c
net: ipv4: tcp_probe: Replace timespec with timespec64
2016-03-01 17:18:44 -05:00
tcp_recovery.c
tcp: do not assume TCP code is non preemptible
2016-05-02 17:02:25 -04:00
tcp_scalable.c
tcp: add tcp_in_slow_start helper
2015-07-09 14:22:52 -07:00
tcp_timer.c
tcp_timer.c: Add kernel-doc function descriptions
2016-07-15 23:18:14 -07:00
tcp_vegas.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_vegas.h
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_veno.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_westwood.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp_yeah.c
tcp: replace cnt & rtt with struct in pkts_acked()
2016-05-11 14:43:19 -04:00
tcp.c
tcp: md5: use kmalloc() backed scratch areas
2016-07-01 04:02:55 -04:00
tunnel4.c
tunnels: correct conditional build of MPLS and IPv6
2016-07-11 13:27:06 -07:00
udp_diag.c
udp: no longer use SLAB_DESTROY_BY_RCU
2016-04-04 22:11:19 -04:00
udp_impl.h
net: Remove iocb argument from sendmsg and recvmsg
2015-03-02 13:06:31 -05:00
udp_offload.c
gso: Remove arbitrary checks for unsupported GSO
2016-05-20 18:03:15 -04:00
udp_tunnel.c
net: Remove deprecated tunnel specific UDP offload functions
2016-06-17 20:23:32 -07:00
udp.c
udp: use sk_filter_trim_cap for udp{,6}_queue_rcv_skb
2016-07-25 21:40:33 -07:00
udplite.c
net: Eliminate no_check from protosw
2014-05-23 16:28:53 -04:00
xfrm4_input.c
netfilter: Pass net into okfn
2015-09-17 17:18:37 -07:00
xfrm4_mode_beet.c
ipv4: ERROR: code indent should use tabs where possible
2013-12-26 13:43:21 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
ipv4: hash net ptr into fragmentation bucket selection
2015-03-25 14:07:04 -04:00
xfrm4_output.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2015-10-24 06:54:12 -07:00
xfrm4_policy.c
net: xfrm: fix old-style declaration
2016-06-16 22:06:30 -07:00
xfrm4_protocol.c
xfrm4: Remove duplicate semicolon
2014-06-30 07:49:47 +02:00
xfrm4_state.c
inet: make no_pmtu_disc per namespace and kill ipv4_config
2013-12-18 16:58:20 -05:00
xfrm4_tunnel.c
sit: add IPv4 over IPv4 support
2013-05-31 17:19:05 -07:00