forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/net
History
Francesco Ruggeri 896b6af471 net: ipv4: ipmr_expire_timer causes crash when removing net namespace 
[ Upstream commit acbb219d5f ]

When tearing down a net namespace, ipv4 mr_table structures are freed
without first deactivating their timers. This can result in a crash in
run_timer_softirq.
This patch mimics the corresponding behaviour in ipv6.
Locking and synchronization seem to be adequate.
We are about to kfree mrt, so existing code should already make sure that
no other references to mrt are pending or can be created by incoming traffic.
The functions invoked here do not cause new references to mrt or other
race conditions to be created.
Invoking del_timer_sync guarantees that ipmr_expire_timer is inactive.
Both ipmr_expire_process (whose completion we may have to wait in
del_timer_sync) and mroute_clean_tables internally use mfc_unres_lock
or other synchronizations when needed, and they both only modify mrt.

Tested in Linux 3.4.8.

Signed-off-by: Francesco Ruggeri <fruggeri@aristanetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-10-02 09:47:22 -07:00
..
9p net/9p: Fix kernel crash with msize 512K 2011-10-03 11:40:22 -07:00
802 snap: remove one synchronize_net() 2011-05-23 16:29:24 -04:00
8021q Revert "net: maintain namespace isolation between vlan and real device" 2012-06-10 00:33:03 +09:00
appletalk appletalk: Fix OOPS in atalk_release(). 2011-03-31 18:59:10 -07:00
atm atm: fix info leak via getsockname() 2012-10-02 09:47:06 -07:00
ax25 net ax25: Reorder ax25_exit to remove races. 2012-04-27 09:51:21 -07:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2011-05-20 13:43:21 -07:00
bluetooth Bluetooth: L2CAP - Fix info leak via getsockname() 2012-10-02 09:47:21 -07:00
bridge bridge: Assign rtnl_link_ops to bridge devices created via ioctl (v2) 2012-07-16 08:47:37 -07:00
caif caif: Fix access to freed pernet memory 2012-08-09 08:27:51 -07:00
can can bcm: fix incomplete tx_setup fix 2011-11-11 09:36:45 -08:00
ceph ceph: fix file mode calculation 2011-07-19 11:25:04 -07:00
core net/core: Fix potential memory leak in dev_set_alias() 2012-10-02 09:47:05 -07:00
dcb net: dcbnl: Update copyright dates 2011-03-14 17:02:42 -07:00
dccp dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO) 2012-10-02 09:47:21 -07:00
decnet net: fix NULL dereferences in check_peer_redir() 2012-02-13 11:06:13 -08:00
dns_resolver KEYS: Improve /proc/keys 2011-03-17 11:59:32 +11:00
dsa Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-05-05 14:59:02 -07:00
econet econet: Fix set-but-unused variable. 2011-04-17 00:15:22 -07:00
ethernet net: add IFF_SKB_TX_SHARED flag to priv_flags 2011-08-15 18:31:38 -07:00
ieee802154 ieee802154: Don't leak memory in ieee802154_nl_fill_phy 2011-06-13 18:03:22 -04:00
ipv4 net: ipv4: ipmr_expire_timer causes crash when removing net namespace 2012-10-02 09:47:22 -07:00
ipv6 ipv6: addrconf: Avoid calling netdevice notifiers with RCU read-side lock 2012-10-02 09:47:05 -07:00
ipx ipx: fix ipx_release() 2011-03-21 18:16:39 -07:00
irda irda: iriap: Use seperate lockdep class for irias_objects->hb_spinlock 2011-06-06 17:00:35 -07:00
iucv [S390] irq: merge irq.c and s390_ext.c 2011-05-26 09:48:24 +02:00
key net: convert %p usage to %pK 2011-05-24 01:13:12 -04:00
l2tp l2tp: avoid to use synchronize_rcu in tunnel free function 2012-10-02 09:47:22 -07:00
lapb
llc llc: fix info leak via getsockname() 2012-10-02 09:47:21 -07:00
mac80211 mac80211: cancel mesh path timer 2012-08-15 12:04:11 -07:00
netfilter ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT) 2012-10-02 09:47:22 -07:00
netlabel Remove prefetch() from <linux/skbuff.h> and "netlabel_addrlist.h" 2011-05-22 21:43:41 -07:00
netlink netlink: fix possible spoofing from non-root processes 2012-10-02 09:47:22 -07:00
netrom NET: AX.25, NETROM, ROSE: Remove SOCK_DEBUG calls 2011-04-14 00:20:07 -07:00
packet af_packet: remove BUG statement in tpacket_destruct_skb 2012-10-02 09:47:05 -07:00
phonet phonet: Check input from user before allocating 2012-04-27 09:51:19 -07:00
rds Remove printk from rds_sendmsg 2012-04-02 09:27:21 -07:00
rfkill net: rfkill: add generic gpio rfkill driver 2011-05-19 13:53:54 -04:00
rose rose_dev: fix memcpy-bug in rose_set_mac_address 2012-04-13 08:14:05 -07:00
rxrpc rxrpc: Fix set but unused variable 'usage' in rxrpc_get_transport() 2011-05-19 18:51:50 -04:00
sched net_sched: gact: Fix potential panic in tcf_gact(). 2012-10-02 09:47:05 -07:00
sctp sctp: Fix list corruption resulting from freeing an association on a list 2012-08-09 08:27:51 -07:00
sunrpc svcrpc: sends on closed socket should stop immediately 2012-09-14 10:00:39 -07:00
tipc tipc: Revise timings used when sending link request messages 2011-05-10 16:04:02 -04:00
unix net: convert %p usage to %pK 2011-05-24 01:13:12 -04:00
wanrouter wanmain: comparing array with NULL 2012-08-09 08:27:52 -07:00
wimax
wireless cfg80211: fix interface combinations check for ADHOC(IBSS) 2012-08-15 12:04:30 -07:00
x25 x25: Prevent skb overreads when checking call user data 2011-10-25 07:10:17 +02:00
xfrm ipv6: fix incorrect ipsec fragment 2012-06-10 00:33:02 +09:00
compat.c net: Add sendmmsg socket system call 2011-05-05 11:10:14 -07:00
Kconfig bpf: depends on MODULES 2011-04-29 10:20:53 -07:00
Makefile net: Enter net/ipv6/ even if CONFIG_IPV6=n 2011-03-07 12:50:52 -08:00
nonet.c
socket.c net: fix info leak in compat dev_ifconf() 2012-10-02 09:47:22 -07:00
sysctl_net.c
TUNABLE