linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-13 03:56:25 +00:00

No description

Find a file

John Fastabend 2395bfdbf3 bpf: Sockmap/tls, during free we may call tcp_bpf_unhash() in loop commit `4da6a196f9` upstream. When a sockmap is free'd and a socket in the map is enabled with tls we tear down the bpf context on the socket, the psock struct and state, and then call tcp_update_ulp(). The tcp_update_ulp() call is to inform the tls stack it needs to update its saved sock ops so that when the tls socket is later destroyed it doesn't try to call the now destroyed psock hooks. This is about keeping stacked ULPs in good shape so they always have the right set of stacked ops. However, recently unhash() hook was removed from TLS side. But, the sockmap/bpf side is not doing any extra work to update the unhash op when is torn down instead expecting TLS side to manage it. So both TLS and sockmap believe the other side is managing the op and instead no one updates the hook so it continues to point at tcp_bpf_unhash(). When unhash hook is called we call tcp_bpf_unhash() which detects the psock has already been destroyed and calls sk->sk_prot_unhash() which calls tcp_bpf_unhash() yet again and so on looping and hanging the core. To fix have sockmap tear down logic fixup the stale pointer. Fixes: `5d92e631b8` ("net/tls: partially revert fix transition through disconnect with close") Reported-by: syzbot+83979935eb6304f8cd46@syzkaller.appspotmail.com Signed-off-by: John Fastabend <john.fastabend@gmail.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Jakub Sitnicki <jakub@cloudflare.com> Acked-by: Song Liu <songliubraving@fb.com> Cc: stable@vger.kernel.org Link: https://lore.kernel.org/bpf/20200111061206.8028-2-john.fastabend@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2020-01-23 08:22:45 +01:00
arch	ARM: dts: imx7: Fix Toradex Colibri iMX7S 256MB NAND flash support	2020-01-23 08:22:43 +01:00
block	block: Fix the type of 'sts' in bsg_queue_rq()	2020-01-23 08:22:44 +01:00
certs	PKCS#7: Refactor verify_pkcs7_signature()	2019-08-05 18:40:18 -04:00
crypto	crypto: algif_skcipher - Use chunksize instead of blocksize	2020-01-17 19:48:46 +01:00
Documentation	mei: fix modalias documentation	2020-01-17 19:48:48 +01:00
drivers	drm/amd/display: Reorder detect_edp_sink_caps before link settings read.	2020-01-23 08:22:44 +01:00
fs	Btrfs: always copy scrub arguments back to user space	2020-01-23 08:22:41 +01:00
include	bpf: Sockmap/tls, during free we may call tcp_bpf_unhash() in loop	2020-01-23 08:22:45 +01:00
init	mm, debug_pagealloc: don't rely on static keys too early	2020-01-23 08:22:40 +01:00
ipc	ipc/sem.c: convert to use built-in RCU list checking	2019-09-25 17:51:41 -07:00
kernel	bpf: Fix incorrect verifier simulation of ARSH under ALU32	2020-01-23 08:22:44 +01:00
lib	sbitmap: only queue kyber's wait callback if not already active	2020-01-12 12:21:44 +01:00
LICENSES	LICENSES: Rename other to deprecated	2019-05-03 06:34:32 -06:00
mm	mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio()	2020-01-23 08:22:41 +01:00
net	tipc: fix retrans failure due to wrong destination	2020-01-23 08:22:44 +01:00
samples	samples: bpf: fix syscall_tp due to unused syscall	2020-01-12 12:21:26 +01:00
scripts	kbuild/deb-pkg: annotate libelf-dev dependency as :native	2020-01-17 19:49:07 +01:00
security	tomoyo: Suppress RCU warning at list_for_each_entry_rcu().	2020-01-17 19:49:05 +01:00
sound	ALSA: usb-audio: fix sync-ep altsetting sanity check	2020-01-23 08:22:31 +01:00
tools	perf report: Fix incorrectly added dimensions as switch perf data file	2020-01-23 08:22:39 +01:00
usr	gen_initramfs_list.sh: fix 'bad variable name' error	2020-01-09 10:20:00 +01:00
virt	KVM: arm/arm64: Properly handle faulting of device mappings	2019-12-31 16:46:24 +01:00
.clang-format	clang-format: Update with the latest for_each macro list	2019-08-31 10:00:51 +02:00
.cocciconfig
.get_maintainer.ignore	Opt out of scripts/get_maintainer.pl	2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore	Modules updates for v5.4	2019-09-22 10:34:46 -07:00
.mailmap	ARM: SoC fixes	2019-11-10 13:41:59 -08:00
COPYING
CREDITS	MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer	2019-10-10 08:12:51 -07:00
Kbuild	kbuild: do not descend to ./Kbuild when cleaning	2019-08-21 21:03:58 +09:00
Kconfig	docs: kbuild: convert docs to ReST and rename to *.rst	2019-06-14 14:21:21 -06:00
MAINTAINERS	MAINTAINERS: Append missed file to the database	2020-01-17 19:48:28 +01:00
Makefile	Linux 5.4.13	2020-01-17 19:49:08 +01:00
README	Drop all 00-INDEX files from Documentation/	2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.