linux

mirror of https://github.com/torvalds/linux.git synced 2024-09-21 23:43:02 +00:00

History

David Ahern bdb06cbf77 net: Fix panic in icmp_route_lookup Andrey reported a panic: [ 7249.865507] BUG: unable to handle kernel pointer dereference at 000000b4 [ 7249.865559] IP: [<c16afeca>] icmp_route_lookup+0xaa/0x320 [ 7249.865598] pdpt = 0000000030f7f001 pde = 0000000000000000 [ 7249.865637] Oops: 0000 [#1] ... [ 7249.866811] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.3.0-999-generic #201509220155 [ 7249.866876] Hardware name: MSI MS-7250/MS-7250, BIOS 080014 08/02/2006 [ 7249.866916] task: c1a5ab00 ti: c1a52000 task.ti: c1a52000 [ 7249.866949] EIP: 0060:[<c16afeca>] EFLAGS: 00210246 CPU: 0 [ 7249.866981] EIP is at icmp_route_lookup+0xaa/0x320 [ 7249.867012] EAX: 00000000 EBX: f483ba48 ECX: 00000000 EDX: f2e18a00 [ 7249.867045] ESI: 000000c0 EDI: f483ba70 EBP: f483b9ec ESP: f483b974 [ 7249.867077] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 [ 7249.867108] CR0: 8005003b CR2: 000000b4 CR3: 36ee07c0 CR4: 000006f0 [ 7249.867141] Stack: [ 7249.867165] 320310ee 00000000 00000042 320310ee 00000000 c1aeca00 f3920240 f0c69180 [ 7249.867268] f483ba04 f855058b a89b66cd f483ba44 f8962f4b 00000000 e659266c f483ba54 [ 7249.867361] 8004753c f483ba5c f8962f4b f2031140 000003c1 ffbd8fa0 c16b0e00 00000064 [ 7249.867448] Call Trace: [ 7249.867494] [<f855058b>] ? e1000_xmit_frame+0x87b/0xdc0 [e1000e] [ 7249.867534] [<f8962f4b>] ? tcp_in_window+0xeb/0xb10 [nf_conntrack] [ 7249.867576] [<f8962f4b>] ? tcp_in_window+0xeb/0xb10 [nf_conntrack] [ 7249.867615] [<c16b0e00>] ? icmp_send+0xa0/0x380 [ 7249.867648] [<c16b102f>] icmp_send+0x2cf/0x380 [ 7249.867681] [<f89c8126>] nf_send_unreach+0xa6/0xc0 [nf_reject_ipv4] [ 7249.867714] [<f89cd0da>] reject_tg+0x7a/0x9f [ipt_REJECT] [ 7249.867746] [<f88c29a7>] ipt_do_table+0x317/0x70c [ip_tables] [ 7249.867780] [<f895e0a6>] ? __nf_conntrack_find_get+0x166/0x3b0 [nf_conntrack] [ 7249.867838] [<f895eea8>] ? nf_conntrack_in+0x398/0x600 [nf_conntrack] [ 7249.867889] [<f84c0035>] iptable_filter_hook+0x35/0x80 [iptable_filter] [ 7249.867933] [<c16776a1>] nf_iterate+0x71/0x80 [ 7249.867970] [<c1677715>] nf_hook_slow+0x65/0xc0 [ 7249.868002] [<c1681811>] __ip_local_out_sk+0xc1/0xd0 [ 7249.868034] [<c1680f30>] ? ip_forward_options+0x1a0/0x1a0 [ 7249.868066] [<c1681836>] ip_local_out_sk+0x16/0x30 [ 7249.868097] [<c1684054>] ip_send_skb+0x14/0x80 [ 7249.868129] [<c16840f4>] ip_push_pending_frames+0x34/0x40 [ 7249.868163] [<c16844a2>] ip_send_unicast_reply+0x282/0x310 [ 7249.868196] [<c16a0863>] tcp_v4_send_reset+0x1b3/0x380 [ 7249.868227] [<c16a1b63>] tcp_v4_rcv+0x323/0x990 [ 7249.868257] [<c16776a1>] ? nf_iterate+0x71/0x80 [ 7249.868289] [<c167dc2b>] ip_local_deliver_finish+0x8b/0x230 [ 7249.868322] [<c167df4c>] ip_local_deliver+0x4c/0xa0 [ 7249.868353] [<c167dba0>] ? ip_rcv_finish+0x390/0x390 [ 7249.868384] [<c167d88c>] ip_rcv_finish+0x7c/0x390 [ 7249.868415] [<c167e280>] ip_rcv+0x2e0/0x420 ... Prior to the VRF change the oif was not set in the flow struct, so the VRF support should really have only added the vrf_master_ifindex lookup. Fixes: `613d09b30f` ("net: Use VRF device index for lookups on TX") Cc: Andrey Melnikov <temnota.am@gmail.com> Signed-off-by: David Ahern <dsa@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>		2015-09-25 21:44:02 -07:00
..
6lowpan	6lowpan: move module_init into core functionality	2015-08-11 22:05:36 +02:00
9p	net/9p: Remove ib_get_dma_mr calls	2015-08-30 18:12:36 -04:00
802
8021q	net: 8021q: convert to using IFF_NO_QUEUE	2015-08-18 11:55:06 -07:00
appletalk	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
atm	atm: deal with setting entry before mkip was called	2015-09-17 22:13:32 -07:00
ax25	NET: AX.25: Stop heartbeat timer on disconnect.	2015-07-15 15:59:58 -07:00
batman-adv	batman-adv: turn batadv_neigh_node_get() into local function	2015-08-27 20:15:34 +02:00
bluetooth	Bluetooth: Delay check for conn->smp in smp_conn_security()	2015-09-17 12:28:27 +02:00
bridge	bridge: fix igmpv3 / mldv2 report parsing	2015-09-11 15:08:20 -07:00
caif	net: caif: convert to using IFF_NO_QUEUE	2015-08-18 11:55:07 -07:00
can	can: replace timestamp as unique skb attribute	2015-07-12 21:13:22 +02:00
ceph	fs: create and use seq_show_option for escaping	2015-09-04 16:54:41 -07:00
core	net: fix net_device refcounting	2015-09-24 23:04:53 -07:00
dcb
dccp	tcp/dccp: fix timewait races in timer handling	2015-09-21 16:32:29 -07:00
decnet	net: ipv6: use common fib_default_rule_pref	2015-09-09 14:19:50 -07:00
dns_resolver
dsa	net: fix net_device refcounting	2015-09-24 23:04:53 -07:00
ethernet	flow_dissector: Add flags argument to skb_flow_dissector functions	2015-09-01 15:06:22 -07:00
hsr	net: hsr: convert to using IFF_NO_QUEUE	2015-08-18 11:55:07 -07:00
ieee802154	Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next	2015-08-29 13:15:03 -07:00
ipv4	net: Fix panic in icmp_route_lookup	2015-09-25 21:44:02 -07:00
ipv6	ip6_tunnel: Reduce log level in ip6_tnl_err() to debug	2015-09-24 16:08:37 -07:00
ipx	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
irda	irda: use msecs_to_jiffies for conversion to jiffies	2015-05-25 17:46:21 -04:00
iucv	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
key	net: Fix RCU splat in af_key	2015-08-24 14:48:10 -07:00
l2tp	net: Modify sk_alloc to not reference count the netns of kernel sockets.	2015-05-11 10:50:18 -04:00
lapb
llc	tcp: fix recv with flags MSG_WAITALL \| MSG_PEEK	2015-07-27 01:06:53 -07:00
mac80211	mac80211: reset CQM history upon reconfiguration	2015-09-22 15:22:50 +02:00
mac802154	ieee802154: add ack request default handling	2015-08-10 20:43:06 +02:00
mpls	mpls: fix mpls_net_init memory leak	2015-08-31 12:45:09 -07:00
netfilter	netfilter: nf_log: wait for rcu grace after logger unregistration	2015-09-17 13:37:31 +02:00
netlabel
netlink	netlink: Replace rhash_portid with bound	2015-09-24 12:07:08 -07:00
netrom	netfilter: Remove spurios included of netfilter.h	2015-06-18 21:14:32 +02:00
nfc	nfc: netlink: Add capability to reply to vendor_cmd with data	2015-08-20 22:00:11 +02:00
openvswitch	openvswitch: Zero flows on allocation.	2015-09-22 17:33:41 -07:00
packet	Fix AF_PACKET ABI breakage in 4.2	2015-09-23 14:33:55 -07:00
phonet	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
rds	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2015-09-10 13:53:15 -07:00
rfkill	rfkill: Copy "all" global state to other types	2015-09-04 14:26:56 +02:00
rose	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2015-06-24 02:58:51 -07:00
rxrpc	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
sched	net: revert "net_sched: move tp->root allocation into fw_init()"	2015-09-24 14:33:30 -07:00
sctp	sctp: fix race on protocol/netns initialization	2015-09-11 15:00:02 -07:00
sunrpc	Changes for 4.3	2015-09-09 08:33:31 -07:00
switchdev	switchdev: fix return value of switchdev_port_fdb_dump in case of error	2015-09-05 22:02:11 -07:00
tipc	tipc: reinitialize pointer after skb linearize	2015-09-20 22:31:20 -07:00
unix	net/unix: support SCM_SECURITY for stream sockets	2015-06-10 22:49:20 -07:00
vmw_vsock	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
wimax	net:wimax: Fix doucble word "the the" in networking.xml	2015-08-09 22:43:52 -07:00
wireless	cfg80211: regulatory: restore proper user alpha2	2015-09-04 14:29:25 +02:00
x25	net: Pass kern from net_proto_family.create to sk_alloc	2015-05-11 10:50:17 -04:00
xfrm	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2015-09-03 08:08:17 -07:00
compat.c	net: switch importing msghdr from userland to {compat_,}import_iovec()	2015-04-09 00:02:26 -04:00
Kconfig	lwtunnel: infrastructure for handling light weight tunnels like mpls	2015-07-21 10:39:03 -07:00
Makefile
socket.c	net: Add a struct net parameter to sock_create_kern	2015-05-11 10:50:17 -04:00
sysctl_net.c