mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-12-29 21:47:36 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
3de7a37b02f607716753dc669c1dca4f71db08fc
linux/include/net
History
Patrick McHardy 9d7b0fc1ef net: ipv6: fix oops in inet_putpeer() 
Commit 97bab73f (inet: Hide route peer accesses behind helpers.) introduced
a bug in xfrm6_policy_destroy(). The xfrm_dst's _rt6i_peer member is not
initialized, causing a false positive result from inetpeer_ptr_is_peer(),
which in turn causes a NULL pointer dereference in inet_putpeer().

Pid: 314, comm: kworker/0:1 Not tainted 3.6.0-rc1+ #17 To Be Filled By O.E.M. To Be Filled By O.E.M./P4S800D-X
EIP: 0060:[<c03abf93>] EFLAGS: 00010246 CPU: 0
EIP is at inet_putpeer+0xe/0x16
EAX: 00000000 EBX: f3481700 ECX: 00000000 EDX: 000dd641
ESI: f3481700 EDI: c05e949c EBP: f551def4 ESP: f551def4
 DS: 007b ES: 007b FS: 0000 GS: 00e0 SS: 0068
CR0: 8005003b CR2: 00000070 CR3: 3243d000 CR4: 00000750
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: ffff0ff0 DR7: 00000400
 f551df04 c0423de1 00000000 f3481700 f551df18 c038d5f7 f254b9f8 f551df28
 f34f85d8 f551df20 c03ef48d f551df3c c0396870 f30697e8 f24e1738 c05e98f4
 f5509540 c05cd2b4 f551df7c c0142d2b c043feb5 f5509540 00000000 c05cd2e8
 [<c0423de1>] xfrm6_dst_destroy+0x42/0xdb
 [<c038d5f7>] dst_destroy+0x1d/0xa4
 [<c03ef48d>] xfrm_bundle_flo_delete+0x2b/0x36
 [<c0396870>] flow_cache_gc_task+0x85/0x9f
 [<c0142d2b>] process_one_work+0x122/0x441
 [<c043feb5>] ? apic_timer_interrupt+0x31/0x38
 [<c03967eb>] ? flow_cache_new_hashrnd+0x2b/0x2b
 [<c0143e2d>] worker_thread+0x113/0x3cc

Fix by adding a init_dst() callback to struct xfrm_policy_afinfo to
properly initialize the dst's peer pointer.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-20 02:56:56 -07:00
..
9p
9p: Reduce object size with CONFIG_NET_9P_DEBUG
2012-01-05 10:51:44 -06:00
bluetooth
Bluetooth: Use tx window from config response for ack timing
2012-07-15 12:18:29 -03:00
caif
caif-hsi: Remove use of module parameters
2012-06-25 16:44:12 -07:00
irda
Fix common misspellings
2011-03-31 11:26:23 -03:00
iucv
af_iucv: add shutdown for HS transport
2012-03-07 22:52:24 -08:00
netfilter
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2012-07-10 23:56:33 -07:00
netns
ipv4: remove rt_cache_rebuild_count
2012-07-30 14:53:22 -07:00
nfc
NFC: Allow HCI driver to pre-open pipes to some gates
2012-07-09 16:42:12 -04:00
phonet
net: remove my future former mail address
2012-06-17 16:29:38 -07:00
sctp
sctp: Implement quick failover draft from tsvwg
2012-07-22 12:13:46 -07:00
tc_act
net/sched: add ACT_CSUM action to update packets checksums
2010-08-20 01:42:59 -07:00
act_api.h
net: sched: constify tcf_proto and tc_action
2011-07-06 02:52:16 -07:00
addrconf.h
ipv6: add ipv6_addr_hash() helper
2012-07-18 11:28:46 -07:00
af_ieee802154.h
af_ieee802154: add support for WANT_ACK socket option
2009-08-12 21:54:50 -07:00
af_rxrpc.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
af_unix.h
af_unix: speedup /proc/net/unix
2012-06-08 14:27:23 -07:00
ah.h
ipsec: update MAX_AH_AUTH_LEN to support sha512
2011-01-13 21:48:25 -08:00
arp.h
ipv4: Fix neigh lookup keying over loopback/point-to-point devices.
2012-07-20 16:06:10 -07:00
atmclip.h
atm: clip: Use device neigh support on top of "arp_tbl".
2011-11-30 18:51:03 -05:00
ax25.h
net ax25: Fix the build when sysctl support is disabled.
2012-04-23 22:14:47 -04:00
ax88796.h
cfg80211-wext.h
cfg80211: remove unused wext handler exports
2011-08-08 14:26:29 -04:00
cfg80211.h
cfg80211: add channel flag to prohibit OFDM operation
2012-08-02 15:30:49 +02:00
checksum.h
cipso_ipv4.h
cipso: handle CIPSO options correctly when NetLabel is disabled
2012-06-01 14:18:29 -04:00
cls_cgroup.h
Merge commit 'v2.6.36-rc7' into core/rcu
2010-10-07 09:43:45 +02:00
codel.h
codel: refine one condition to avoid a nul rec_inv_sqrt
2012-08-10 16:52:54 -07:00
compat.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
datalink.h
dcbevent.h
dcb: Add stub routines for !CONFIG_DCB
2011-10-06 15:49:51 -04:00
dcbnl.h
net/dcb: Add an optional max rate attribute
2012-04-05 05:08:04 -04:00
dn_dev.h
decnet: RCU conversion and get rid of dev_base_lock
2010-11-08 13:50:08 -08:00
dn_fib.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
dn_neigh.h
dn_nsp.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
dn_route.h
decnet: Use neighbours privately in dn_route struct.
2012-07-05 01:12:14 -07:00
dn.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
dsa.h
dsa: Include linux/if_ether.h to fix build error
2011-12-01 11:41:06 -05:00
dsfield.h
dst_ops.h
net: Fix warnings in dst_ops.h
2012-07-19 10:43:03 -07:00
dst.h
net: force dst_default_metrics to const section
2012-08-08 16:00:28 -07:00
esp.h
ethoc.h
fib_rules.h
ipv4: Elide fib_validate_source() completely when possible.
2012-06-29 01:36:36 -07:00
flow_keys.h
flow_dissector: use a 64bit load/store
2011-11-29 13:17:03 -05:00
flow.h
ipv4: Kill FLOWI_FLAG_RT_NOCACHE and associated code.
2012-07-20 13:36:54 -07:00
garp.h
garp: remove last synchronize_rcu() call
2011-05-12 17:46:56 -04:00
gen_stats.h
Fix common misspellings
2011-03-31 11:26:23 -03:00
genetlink.h
net: Use NLMSG_DEFAULT_SIZE in combination with nlmsg_new()
2012-06-28 17:56:43 -07:00
gre.h
PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol)
2010-08-21 23:05:39 -07:00
icmp.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
ieee80211_radiotap.h
wireless: move ieee80211chan2mhz macro
2011-11-11 12:32:50 -05:00
ieee802154_netdev.h
mac802154: declare reduced mlme operations
2012-05-16 15:16:56 -04:00
ieee802154.h
6LoWPAN: add fragmentation support
2011-11-14 00:19:42 -05:00
if_inet6.h
net: delete all instances of special processing for token ring
2012-05-15 20:14:35 -04:00
inet6_connection_sock.h
ipv6: Add helper inet6_csk_update_pmtu().
2012-07-16 03:44:56 -07:00
inet6_hashtables.h
ipv6: Early TCP socket demux
2012-07-26 15:50:39 -07:00
inet_common.h
net-tcp: Fast Open client - sendmsg(MSG_FASTOPEN)
2012-07-19 11:02:03 -07:00
inet_connection_sock.h
net: ipv6: fix TCP early demux
2012-08-06 13:33:21 -07:00
inet_ecn.h
inet: add rfc 3168 extract in front of INET_ECN_encapsulate()
2011-10-22 01:25:23 -04:00
inet_frag.h
ip_frag: struct inet_frags match() method returns a bool
2012-05-18 01:40:27 -04:00
inet_hashtables.h
ipv4: Early TCP socket demux.
2012-06-19 21:22:05 -07:00
inet_sock.h
net: ipv6: fix TCP early demux
2012-08-06 13:33:21 -07:00
inet_timewait_sock.h
inet: remove rcu protection on tw_net
2011-12-14 13:34:55 -05:00
inetpeer.h
ipv4: Maintain redirect and PMTU info in struct rtable again.
2012-07-10 22:40:14 -07:00
ip6_checksum.h
ip6_fib.h
ipv6: Store route neighbour in rt6_info struct.
2012-07-05 02:41:58 -07:00
ip6_route.h
ipv6: fix inet6_csk_xmit()
2012-07-18 08:59:58 -07:00
ip6_tunnel.h
ipv6_tunnel: Allow receiving packets on the fallback tunnel if they pass sanity checks
2012-06-29 00:52:32 -07:00
ip_fib.h
ipv4: Cache routes in nexthop exception entries.
2012-07-31 15:02:02 -07:00
ip_vs.h
ipvs: fix oops on NAT reply in br_nf context
2012-07-17 12:00:46 +02:00
ip.h
ipv4: fix ip_send_skb()
2012-08-10 14:08:57 -07:00
ipcomp.h
percpu: add __percpu sparse annotations to net
2010-02-16 23:05:38 -08:00
ipconfig.h
ipip.h
tunnel: implement 64 bits statistics
2012-04-14 14:47:05 -04:00
ipv6.h
ipv6: add ipv6_addr_hash() helper
2012-07-18 11:28:46 -07:00
ipx.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
iw_handler.h
Fix common misspellings
2011-03-31 11:26:23 -03:00
lapb.h
lapb: Neaten debugging
2012-05-17 18:45:20 -04:00
lib80211.h
include: replace linux/module.h with "struct module" wherever possible
2011-10-31 19:32:32 -04:00
llc_c_ac.h
llc_c_ev.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
llc_c_st.h
llc_conn.h
llc: use a device based hash table to speed up multicast delivery
2009-12-26 20:43:57 -08:00
llc_if.h
llc_pdu.h
net: delete all instances of special processing for token ring
2012-05-15 20:14:35 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
llc2: Fix silent failure of llc_station_init()
2012-08-14 16:51:18 -07:00
mac80211.h
mac80211: add time synchronisation with BSS for assoc
2012-07-12 12:10:46 +02:00
mac802154.h
mac802154: add wpan device-class support
2012-06-26 21:06:11 -07:00
mip6.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
mld.h
ipv6 mcast: Introduce include/net/mld.h for MLD definitions.
2010-04-23 13:35:55 +09:00
ndisc.h
ipv6: Export ndisc option parsing from ndisc.c
2012-07-11 23:39:11 -07:00
neighbour.h
net: Do delayed neigh confirmation.
2012-07-05 01:03:06 -07:00
net_namespace.h
net: make sock diag per-namespace
2012-07-16 22:31:34 -07:00
net_ratelimit.h
net: Kill ratelimit.h dependency in linux/net.h
2011-05-27 13:41:33 -04:00
netdma.h
netevent.h
net: Pass neighbours and dest address into NETEVENT_REDIRECT events.
2012-07-05 02:21:55 -07:00
netlabel.h
doc: Update the email address for Paul Moore in various source files
2011-08-01 17:58:33 -07:00
netlink.h
netlink: Delete all NLA_PUT*() macros.
2012-04-02 04:33:45 -04:00
netprio_cgroup.h
net: netprio_cgroup: rework update socket logic
2012-07-22 12:44:01 -07:00
netrom.h
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
nexthop.h
nl802154.h
ieee802154: add support for channel pages from IEEE 802.15.4-2006
2009-08-19 23:08:22 +04:00
p8022.h
ping.h
net: ping: fix build failure
2011-05-17 14:16:58 -04:00
pkt_cls.h
net: Fix range checks in tcf_valid_offset().
2010-12-21 12:43:16 -08:00
pkt_sched.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
protocol.h
ipv6: Early TCP socket demux
2012-07-26 15:50:39 -07:00
psnap.h
raw.h
include/net/raw.h: Convert raw_seq_private macro to inline
2010-09-08 13:42:22 -07:00
rawv6.h
ipv6: bool/const conversions phase2
2012-05-19 01:08:16 -04:00
red.h
net_sched: red: Make minor corrections to comments
2012-04-16 23:53:11 -04:00
regulatory.h
cfg80211: add cellular base station regulatory hint support
2012-07-17 12:16:39 +02:00
request_sock.h
tcp: Change possible SYN flooding messages
2011-09-15 14:49:43 -04:00
rose.h
rose: Add length checks to CALL_REQUEST parsing
2011-03-27 17:59:04 -07:00
route.h
ipv4: Properly purge netdev references on uncached routes.
2012-07-31 15:06:50 -07:00
rtnetlink.h
rtnl: allow to specify different num for rx and tx queue count
2012-07-20 11:06:59 -07:00
sch_generic.h
net: rename bond_queue_mapping to slave_dev_queue_mapping
2012-07-20 11:07:00 -07:00
scm.h
get rid of ->scm_work_list
2012-07-22 23:58:00 +04:00
secure_seq.h
tcp: add const qualifiers where possible
2011-10-21 05:22:42 -04:00
slhc_vj.h
snmp.h
Merge branch 'for-3.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
2012-01-09 13:08:28 -08:00
sock.h
tcp: Apply device TSO segment limit earlier
2012-08-02 00:19:17 -07:00
stp.h
tcp_memcontrol.h
cgroup: pass struct mem_cgroup instead of struct cgroup to socket memcg
2012-04-10 10:04:07 -07:00
tcp_states.h
tcp.h
net: tcp: ipv6_mapped needs sk_rx_dst_set method
2012-08-09 20:56:09 -07:00
timewait_sock.h
[PATCH] tcp: Cache inetpeer in timewait socket, and only when necessary.
2012-06-09 14:56:12 -07:00
transp_v6.h
net: relax PKTINFO non local ipv6 udp xmit check
2011-08-30 17:39:01 -04:00
udp.h
net/ipv6/udp: UDP encapsulation: introduce encap_rcv hook into IPv6
2012-04-28 22:21:51 -04:00
udplite.h
net: ipv4: Standardize prefixes for message logging
2012-03-12 17:05:21 -07:00
wext.h
wext: refactor
2009-10-07 16:39:43 -04:00
wimax.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
wpan-phy.h
mac802154: monitor device support
2012-05-16 15:17:08 -04:00
x25.h
net: cleanup unsigned to unsigned int
2012-04-15 12:44:40 -04:00
x25device.h
X25: Add if_x25.h and x25 to device identifiers
2010-04-22 16:12:36 -07:00
xfrm.h
net: ipv6: fix oops in inet_putpeer()
2012-08-20 02:56:56 -07:00