linux

mirror of https://github.com/torvalds/linux.git synced 2026-06-08 14:42:37 +02:00

History

Neil Horman 9c0a4652f7 sctp: Don't add the shutdown timer if its already been added [ Upstream commit `20a785aa52` ] This BUG halt was reported a while back, but the patch somehow got missed: PID: 2879 TASK: c16adaa0 CPU: 1 COMMAND: "sctpn" #0 [f418dd28] crash_kexec at c04a7d8c #1 [f418dd7c] oops_end at c0863e02 #2 [f418dd90] do_invalid_op at c040aaca #3 [f418de28] error_code (via invalid_op) at c08631a5 EAX: f34baac0 EBX: 00000090 ECX: f418deb0 EDX: f5542950 EBP: 00000000 DS: 007b ESI: f34ba800 ES: 007b EDI: f418dea0 GS: 00e0 CS: 0060 EIP: c046fa5e ERR: ffffffff EFLAGS: 00010286 #4 [f418de5c] add_timer at c046fa5e #5 [f418de68] sctp_do_sm at f8db8c77 [sctp] #6 [f418df30] sctp_primitive_SHUTDOWN at f8dcc1b5 [sctp] #7 [f418df48] inet_shutdown at c080baf9 #8 [f418df5c] sys_shutdown at c079eedf #9 [f418df70] sys_socketcall at c079fe88 EAX: ffffffda EBX: 0000000d ECX: bfceea90 EDX: 0937af98 DS: 007b ESI: 0000000c ES: 007b EDI: b7150ae4 SS: 007b ESP: bfceea7c EBP: bfceeaa8 GS: 0033 CS: 0073 EIP: b775c424 ERR: 00000066 EFLAGS: 00000282 It appears that the side effect that starts the shutdown timer was processed multiple times, which can happen as multiple paths can trigger it. This of course leads to the BUG halt in add_timer getting called. Fix seems pretty straightforward, just check before the timer is added if its already been started. If it has mod the timer instead to min(current expiration, new expiration) Its been tested but not confirmed to fix the problem, as the issue has only occured in production environments where test kernels are enjoined from being installed. It appears to be a sane fix to me though. Also, recentely, Jere found a reproducer posted on list to confirm that this resolves the issues Signed-off-by: Neil Horman <nhorman@tuxdriver.com> CC: Vlad Yasevich <vyasevich@gmail.com> CC: "David S. Miller" <davem@davemloft.net> CC: jere.leppanen@nokia.com CC: marcelo.leitner@gmail.com CC: netdev@vger.kernel.org Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2020-06-03 08:19:21 +02:00
..
6lowpan	6lowpan: Off by one handling ->nexthdr	2020-01-27 14:50:41 +01:00
9p	9p: Transport error uninitialized	2019-10-11 18:21:12 +02:00
802
8021q	vlan: vlan_changelink() should propagate errors	2020-01-12 12:17:28 +01:00
appletalk	appletalk: Set error code if register_snap_client failed	2019-12-13 08:52:59 +01:00
atm	net: use skb_queue_empty_lockless() in poll() handlers	2019-11-10 11:27:48 +01:00
ax25	ax25: fix setsockopt(SO_BINDTODEVICE)	2020-06-03 08:19:02 +02:00
batman-adv	batman-adv: Fix refcnt leak in batadv_v_ogm_process	2020-05-14 07:57:22 +02:00
bluetooth	Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl	2020-04-13 10:45:14 +02:00
bpf	bpf/test_run: support cgroup local storage	2018-08-03 00:47:32 +02:00
bpfilter	signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig	2020-01-27 14:50:51 +01:00
bridge	netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule	2020-01-27 14:50:47 +01:00
caif	net: use skb_queue_empty_lockless() in poll() handlers	2019-11-10 11:27:48 +01:00
can	can: gw: Fix error path of cgw_module_init	2019-08-29 08:28:30 +02:00
ceph	ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL	2020-04-02 15:28:16 +02:00
core	__netif_receive_skb_core: pass skb by reference	2020-06-03 08:19:05 +02:00
dcb	net: dcb: Add priority-to-DSCP map getters	2018-07-27 13:17:50 -07:00
dccp	net: ipv6: add net argument to ip6_dst_lookup_flow	2020-04-29 16:31:16 +02:00
decnet	net: add bool confirm_neigh parameter for dst_ops.update_pmtu	2020-01-04 19:13:37 +01:00
dns_resolver	KEYS: Don't write out to userspace while holding key semaphore	2020-04-23 10:30:24 +02:00
dsa	net: dsa: mt7530: fix roaming from DSA user ports	2020-06-03 08:19:03 +02:00
ethernet	net: add annotations on hh->hh_len lockless accesses	2020-01-09 10:19:09 +01:00
hsr	hsr: check protocol version in hsr_newlink()	2020-04-21 09:03:03 +02:00
ieee802154	nl802154: add missing attribute validation for dev_type	2020-03-18 07:14:15 +01:00
ife
ipv4	net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()"	2020-06-03 08:19:14 +02:00
ipv6	Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu"	2020-05-20 08:18:36 +02:00
iucv	net/af_iucv: always register net_device notifier	2020-01-27 14:50:56 +01:00
kcm	kcm: switch order of device registration to fix a crash	2019-04-17 08:38:40 +02:00
key	af_key: fix leaks in key_pol_get_resp and dump_sp.	2019-07-26 09:14:01 +02:00
l2tp	net: ipv6: add net argument to ip6_dst_lookup_flow	2020-04-29 16:31:16 +02:00
l3mdev
lapb	lapb: fixed leak of control-blocks.	2019-06-22 08:15:13 +02:00
llc	llc: fix sk_buff refcounting in llc_conn_state_process()	2020-01-27 14:51:17 +01:00
mac80211	mac80211: add ieee80211_is_any_nullfunc()	2020-05-10 10:30:12 +02:00
mac802154	net: mac802154: tx: expand tailroom if necessary	2018-08-06 11:21:37 +02:00
mpls	net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup	2020-04-29 16:31:17 +02:00
ncsi	net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler	2018-08-22 21:39:08 -07:00
netfilter	netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start()	2020-05-20 08:18:44 +02:00
netlabel	netlabel: cope with NULL catmap	2020-05-20 08:18:35 +02:00
netlink	netlink: Use netlink header as base to calculate bad attribute offset	2020-03-18 07:14:12 +01:00
netrom	net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node	2020-04-29 16:31:21 +02:00
nfc	nfc: add missing attribute validation for vendor subcommand	2020-03-18 07:14:17 +01:00
nsh	nsh: set mac len based on inner packet	2018-07-12 16:55:29 -07:00
openvswitch	openvswitch: support asymmetric conntrack	2019-12-21 10:57:14 +01:00
packet	net/packet: tpacket_rcv: avoid a producer race condition	2020-04-02 15:28:11 +02:00
phonet	net: use skb_queue_empty_lockless() in poll() handlers	2019-11-10 11:27:48 +01:00
psample	net: psample: fix skb_over_panic	2019-12-05 09:21:30 +01:00
qrtr	net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()	2020-06-03 08:19:12 +02:00
rds	net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'	2020-01-27 14:51:13 +01:00
rfkill	rfkill: Fix incorrect check to avoid NULL pointer dereference	2020-01-12 12:17:17 +01:00
rose	net/rose: fix unbound loop in rose_loopback_timer()	2019-05-02 09:59:00 +02:00
rxrpc	rxrpc: Fix ack discard	2020-05-27 17:37:46 +02:00
sched	sch_sfq: validate silly quantum values	2020-05-14 07:57:18 +02:00
sctp	sctp: Don't add the shutdown timer if its already been added	2020-06-03 08:19:21 +02:00
smc	net/smc: cancel event worker during device removal	2020-03-18 07:14:25 +01:00
strparser	net: strparser: partially revert "strparser: Call skb_unclone conditionally"	2019-05-16 19:41:27 +02:00
sunrpc	svcrdma: Fix leak of svc_rdma_recv_ctxt objects	2020-05-02 17:25:52 +02:00
switchdev
tipc	tipc: fix partial topology connection closure	2020-05-14 07:57:18 +02:00
tls	net/tls: Fix to avoid gettig invalid tls record	2020-03-05 16:42:17 +01:00
unix	af_unix: add compat_ioctl support	2020-01-17 19:47:07 +01:00
vmw_vsock	hv_sock: Remove the accept port restriction	2020-02-14 16:33:22 -05:00
wimax	wimax: remove blank lines at EOF	2018-07-24 14:10:42 -07:00
wireless	nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type	2020-04-02 15:28:17 +02:00
x25	net/x25: Fix x25_neigh refcnt leak when receiving frame	2020-04-29 16:31:21 +02:00
xdp	xsk: Add missing check on user supplied headroom size	2020-04-23 10:30:15 +02:00
xfrm	xfrm: policy: Fix doulbe free in xfrm_policy_timer	2020-04-02 15:28:19 +02:00
compat.c	sock: Make sock->sk_stamp thread-safe	2019-01-09 17:38:33 +01:00
Kconfig	net: remove blank lines at end of file	2018-07-24 14:10:43 -07:00
Makefile	bpfilter: check compiler capability in Kconfig	2018-06-28 13:36:39 +09:00
socket.c	compat_ioctl: handle SIOCOUTQNSD	2020-01-17 19:47:07 +01:00
sysctl_net.c