mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-10 10:39:26 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Davide Caratti 02239e797a net/sched: act_tunnel_key: fix memory leak in case of action replace 
[ Upstream commit 9174c3df1c ]

running the following TDC test cases:

 7afc - Replace tunnel_key set action with all parameters
 364d - Replace tunnel_key set action with all parameters and cookie

it's possible to trigger kmemleak warnings like:

  unreferenced object 0xffff94797127ab40 (size 192):
  comm "tc", pid 3248, jiffies 4300565293 (age 1006.862s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 c0 93 f9 8a ff ff ff ff  ................
    41 84 ee 89 ff ff ff ff 00 00 00 00 00 00 00 00  A...............
  backtrace:
    [<000000001e85b61c>] tunnel_key_init+0x31d/0x820 [act_tunnel_key]
    [<000000007f3f6ee7>] tcf_action_init_1+0x384/0x4c0
    [<00000000e89e3ded>] tcf_action_init+0x12b/0x1a0
    [<00000000c1c8c0f8>] tcf_action_add+0x73/0x170
    [<0000000095a9fc28>] tc_ctl_action+0x122/0x160
    [<000000004bebeac5>] rtnetlink_rcv_msg+0x263/0x2d0
    [<000000009fd862dd>] netlink_rcv_skb+0x4a/0x110
    [<00000000b55199e7>] netlink_unicast+0x1a0/0x250
    [<000000004996cd21>] netlink_sendmsg+0x2c1/0x3c0
    [<000000004d6a94b4>] sock_sendmsg+0x36/0x40
    [<000000005d9f0208>] ___sys_sendmsg+0x280/0x2f0
    [<00000000dec19023>] __sys_sendmsg+0x5e/0xa0
    [<000000004b82ac81>] do_syscall_64+0x5b/0x180
    [<00000000a0f1209a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
    [<000000002926b2ab>] 0xffffffffffffffff

when the tunnel_key action is replaced, the kernel forgets to release the
dst metadata: ensure they are released by tunnel_key_init(), the same way
it's done in tunnel_key_release().

Fixes: d0f6dd8a91 ("net/sched: Introduce act_tunnel_key")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-01-31 08:14:31 +01:00
..
6lowpan 6lowpan: iphc: reset mac_header after decompress to fix panic 2018-07-06 12:32:12 +02:00
9p 9p/net: put a lower bound on msize 2019-01-13 09:51:08 +01:00
802
8021q net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
appletalk
atm Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
ax25 ax25: fix a use-after-free in ax25_fillin_cb() 2019-01-09 17:38:30 +01:00
batman-adv batman-adv: Expand merged fragment buffer for full packet 2018-12-13 09:16:10 +01:00
bluetooth Bluetooth: Fix unnecessary error message for HCI request completion 2019-01-26 09:32:44 +01:00
bpf bpf/test_run: support cgroup local storage 2018-08-03 00:47:32 +02:00
bpfilter net: bpfilter: use get_pid_task instead of pid_task 2018-10-17 22:03:40 -07:00
bridge net: Fix usage of pskb_trim_rcsum 2019-01-31 08:14:31 +01:00
caif Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
can can: gw: ensure DLC boundaries after CAN frame modification 2019-01-22 21:40:28 +01:00
ceph libceph: fall back to sendmsg for slab pages 2018-11-27 16:13:11 +01:00
core net: call sk_dst_reset when set SO_DONTROUTE 2019-01-26 09:32:38 +01:00
dcb net: dcb: Add priority-to-DSCP map getters 2018-07-27 13:17:50 -07:00
dccp Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
decnet decnet: fix using plain integer as NULL warning 2018-08-09 14:11:24 -07:00
dns_resolver net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
dsa net: dsa: Drop GPIO includes 2018-08-27 15:24:33 -07:00
ethernet
hsr
ieee802154 ieee802154: lowpan_header_create check must check daddr 2019-01-09 17:38:31 +01:00
ife
ipv4 net: Fix usage of pskb_trim_rcsum 2019-01-31 08:14:31 +01:00
ipv6 ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses 2019-01-26 09:32:33 +01:00
iucv Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
kcm Revert "kcm: remove any offset before parsing messages" 2018-09-17 18:43:42 -07:00
key Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2018-07-27 09:33:37 -07:00
l2tp l2tp: fix a sock refcnt leak in l2tp_tunnel_register 2018-11-23 08:17:05 +01:00
l3mdev
lapb
llc llc: do not use sk_eat_skb() 2018-12-01 09:37:27 +01:00
mac80211 mac80211: free skb fraglist before freeing the skb 2019-01-13 09:51:02 +01:00
mac802154 net: mac802154: tx: expand tailroom if necessary 2018-08-06 11:21:37 +02:00
mpls mpls: allow routes on ip6gre devices 2018-09-24 12:19:27 -07:00
ncsi net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler 2018-08-22 21:39:08 -07:00
netfilter netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets 2019-01-26 09:32:33 +01:00
netlabel netlabel: check for IPV4MASK in addrinfo_get 2018-09-21 18:58:34 -07:00
netlink Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-05 13:04:31 -07:00
netrom netrom: fix locking in nr_find_socket() 2019-01-09 17:38:32 +01:00
nfc Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
nsh nsh: set mac len based on inner packet 2018-07-12 16:55:29 -07:00
openvswitch openvswitch: Fix push/pop ethernet validation 2018-11-04 14:50:52 +01:00
packet packet: Do not leak dev refcounts on error exit 2019-01-22 21:40:30 +01:00
phonet
psample
qrtr net: qrtr: Reset the node and port ID of broadcast messages 2018-07-05 20:20:03 +09:00
rds rds: RDS (tcp) hangs on sendto() to unresponding address 2018-10-10 22:19:52 -07:00
rfkill Here are quite a large number of fixes, notably: 2018-09-03 22:12:02 -07:00
rose
rxrpc rxrpc: Fix lockup due to no error backoff after ack transmit error 2018-11-23 08:17:07 +01:00
sched net/sched: act_tunnel_key: fix memory leak in case of action replace 2019-01-31 08:14:31 +01:00
sctp sctp: allocate sctp_sockaddr_entry with kzalloc 2019-01-22 21:40:36 +01:00
smc smc: move unhash as early as possible in smc_release() 2019-01-22 21:40:31 +01:00
strparser strparser: remove redundant variable 'rd_desc' 2018-08-01 10:00:06 -07:00
sunrpc sunrpc: handle ENOMEM in rpcb_getport_async 2019-01-22 21:40:35 +01:00
switchdev
tipc tipc: fix uninit-value in tipc_nl_compat_doit 2019-01-22 21:40:36 +01:00
tls net/tls: Init routines in create_ctx 2019-01-13 09:51:00 +01:00
unix Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
vmw_vsock VSOCK: Send reset control packet when socket is partially bound 2019-01-09 17:38:34 +01:00
wimax wimax: remove blank lines at EOF 2018-07-24 14:10:42 -07:00
wireless nl80211: fix memory leak if validate_pae_over_nl80211() fails 2019-01-13 09:51:02 +01:00
x25 x25: remove blank lines at EOF 2018-07-24 14:10:42 -07:00
xdp xsk: do not call synchronize_net() under RCU read lock 2018-10-11 10:19:01 +02:00
xfrm xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force clears the dst_entry. 2019-01-13 09:50:57 +01:00
compat.c sock: Make sock->sk_stamp thread-safe 2019-01-09 17:38:33 +01:00
Kconfig net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
Makefile
socket.c net: socket: fix a missing-check bug 2018-10-18 16:43:06 -07:00
sysctl_net.c