mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,205,934 Commits 103 Branches 5,007 Tags 5.4 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Go to file
Magnus Karlsson 3e019d8a05 xsk: Fix xsk_diag use-after-free error during socket cleanup 
Fix a use-after-free error that is possible if the xsk_diag interface
is used after the socket has been unbound from the device. This can
happen either due to the socket being closed or the device
disappearing. In the early days of AF_XDP, the way we tested that a
socket was not bound to a device was to simply check if the netdevice
pointer in the xsk socket structure was NULL. Later, a better system
was introduced by having an explicit state variable in the xsk socket
struct. For example, the state of a socket that is on the way to being
closed and has been unbound from the device is XSK_UNBOUND.

The commit in the Fixes tag below deleted the old way of signalling
that a socket is unbound, setting dev to NULL. This in the belief that
all code using the old way had been exterminated. That was
unfortunately not true as the xsk diagnostics code was still using the
old way and thus does not work as intended when a socket is going
down. Fix this by introducing a test against the state variable. If
the socket is in the state XSK_UNBOUND, simply abort the diagnostic's
netlink operation.

Fixes: 18b1ab7aa7 ("xsk: Fix race at socket teardown")
Reported-by: syzbot+822d1359297e2694f873@syzkaller.appspotmail.com
Signed-off-by: Magnus Karlsson <magnus.karlsson@intel.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: syzbot+822d1359297e2694f873@syzkaller.appspotmail.com
Tested-by: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
Reviewed-by: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
Link: https://lore.kernel.org/bpf/20230831100119.17408-1-magnus.karlsson@gmail.com
 		2023-08-31 13:21:11 +02:00
Documentation bpf, docs: s/eBPF/BPF in standards documents 2023-08-30 16:36:10 +02:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
arch Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
block v6.6-vfs.super 2023-08-28 11:04:18 -07:00
certs certs: Reference revocation list for all keyrings 2023-08-17 20:12:41 +00:00
crypto This update includes the following changes: 2023-08-29 11:23:29 -07:00
drivers Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
fs pstore updates for v6.6-rc1 2023-08-28 12:36:04 -07:00
include Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
init Scheduler changes for v6.6: 2023-08-28 16:43:39 -07:00
io_uring New code for 6.6: 2023-08-28 11:59:52 -07:00
ipc mqueue: convert to ctime accessor functions 2023-07-24 10:30:07 +02:00
kernel Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
lib Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
mm Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
net xsk: Fix xsk_diag use-after-free error during socket cleanup 2023-08-31 13:21:11 +02:00
rust Rust changes for v6.6 2023-08-29 08:19:46 -07:00
samples Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
scripts Rust changes for v6.6 2023-08-29 08:19:46 -07:00
security Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
sound regmap: Updates for v6.6 2023-08-29 09:26:04 -07:00
tools selftests/bpf: Fix flaky cgroup_iter_sleepable subtest 2023-08-30 08:45:05 +02:00
usr initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP 2023-06-06 17:54:49 +09:00
virt KVM: Grab a reference to KVM for VM and vCPU stats file descriptors 2023-07-29 11:05:28 -04:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore Revert ".gitignore: ignore *.cover and *.mbx" 2023-07-04 15:05:12 -07:00
.mailmap mailmap: add entries for Simon Horman 2023-08-16 09:53:10 +01:00
.rustfmt.toml rust: add `.rustfmt.toml` 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Networking changes for 6.6. 2023-08-29 11:33:01 -07:00
Makefile Rust changes for v6.6 2023-08-29 08:19:46 -07:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.