github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 07:03:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
fb596ec8d3
linux/net/bridge
History
Ido Schimmel e29066778b bridge: netlink: register netdevice before executing changelink 
[ Upstream commit 5b8d5429da ]

Peter reported a kernel oops when executing the following command:

$ ip link add name test type bridge vlan_default_pvid 1

[13634.939408] BUG: unable to handle kernel NULL pointer dereference at
0000000000000190
[13634.939436] IP: __vlan_add+0x73/0x5f0
[...]
[13634.939783] Call Trace:
[13634.939791]  ? pcpu_next_unpop+0x3b/0x50
[13634.939801]  ? pcpu_alloc+0x3d2/0x680
[13634.939810]  ? br_vlan_add+0x135/0x1b0
[13634.939820]  ? __br_vlan_set_default_pvid.part.28+0x204/0x2b0
[13634.939834]  ? br_changelink+0x120/0x4e0
[13634.939844]  ? br_dev_newlink+0x50/0x70
[13634.939854]  ? rtnl_newlink+0x5f5/0x8a0
[13634.939864]  ? rtnl_newlink+0x176/0x8a0
[13634.939874]  ? mem_cgroup_commit_charge+0x7c/0x4e0
[13634.939886]  ? rtnetlink_rcv_msg+0xe1/0x220
[13634.939896]  ? lookup_fast+0x52/0x370
[13634.939905]  ? rtnl_newlink+0x8a0/0x8a0
[13634.939915]  ? netlink_rcv_skb+0xa1/0xc0
[13634.939925]  ? rtnetlink_rcv+0x24/0x30
[13634.939934]  ? netlink_unicast+0x177/0x220
[13634.939944]  ? netlink_sendmsg+0x2fe/0x3b0
[13634.939954]  ? _copy_from_user+0x39/0x40
[13634.939964]  ? sock_sendmsg+0x30/0x40
[13634.940159]  ? ___sys_sendmsg+0x29d/0x2b0
[13634.940326]  ? __alloc_pages_nodemask+0xdf/0x230
[13634.940478]  ? mem_cgroup_commit_charge+0x7c/0x4e0
[13634.940592]  ? mem_cgroup_try_charge+0x76/0x1a0
[13634.940701]  ? __handle_mm_fault+0xdb9/0x10b0
[13634.940809]  ? __sys_sendmsg+0x51/0x90
[13634.940917]  ? entry_SYSCALL_64_fastpath+0x1e/0xad

The problem is that the bridge's VLAN group is created after setting the
default PVID, when registering the netdevice and executing its
ndo_init().

Fix this by changing the order of both operations, so that
br_changelink() is only processed after the netdevice is registered,
when the VLAN group is already initialized.

Fixes: b6677449df ("bridge: netlink: call br_changelink() during br_dev_newlink()")
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reported-by: Peter V. Saveliev <peter@svinota.eu>
Tested-by: Peter V. Saveliev <peter@svinota.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-10-08 10:14:19 +02:00
..
netfilter netfilter: remove hook owner refcounting 2015-10-16 18:21:39 +02:00
br_device.c bridge: fix lockdep addr_list_lock false positive splat 2016-01-31 11:29:01 -08:00
br_fdb.c bridge: Don't insert unnecessary local fdb entry on changing mac address 2016-06-24 10:18:17 -07:00
br_forward.c bridge: set is_local and is_static before fdb entry is added to the fdb hashtable 2015-10-30 12:13:05 +09:00
br_if.c bridge: defer switchdev fdb del call in fdb_del_external_learn 2015-10-15 06:09:50 -07:00
br_input.c bridge: drop netfilter fake rtable unconditionally 2017-03-22 12:04:17 +01:00
br_ioctl.c net: bridge: fix old ioctl unlocked net device walk 2016-05-18 17:06:42 -07:00
br_mdb.c bridge: vlan: add per-vlan struct and move to rhashtables 2015-09-29 13:36:06 -07:00
br_multicast.c bridge: multicast: restore perm router ports on multicast enable 2016-11-15 07:46:38 +01:00
br_netfilter_hooks.c bridge: drop netfilter fake rtable unconditionally 2017-03-22 12:04:17 +01:00
br_netfilter_ipv6.c bridge: Pass net into br_validate_ipv4 and br_validate_ipv6 2015-09-29 20:21:32 +02:00
br_netlink.c bridge: netlink: register netdevice before executing changelink 2017-10-08 10:14:19 +02:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private_stp.h net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
br_private.h Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address 2016-07-11 09:31:11 -07:00
br_stp_bpdu.c netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
br_stp_if.c net: bridge: start hello timer only if device is up 2017-06-14 13:16:19 +02:00
br_stp_timer.c bridge: start hello_timer when enabling KERNEL_STP in br_stp_start 2017-06-07 12:05:58 +02:00
br_stp.c bridge: Allow set bridge ageing time when switchdev disabled 2016-04-20 15:42:05 +09:00
br_sysfs_br.c bridge: fix gc_timer mod/del race condition 2015-10-13 04:50:17 -07:00
br_sysfs_if.c bridge: vlan: flush the dynamically learned entries on port vlan delete 2015-06-24 05:40:55 -07:00
br_vlan.c bridge: vlan: Use rcu_dereference instead of rtnl_dereference 2015-11-02 16:27:39 -05:00
br.c switchdev: Require RTNL mutex to be held when sending FDB notifications 2016-03-03 15:07:04 -08:00
Kconfig bridge: Add vlan filtering infrastructure 2013-02-13 19:41:46 -05:00
Makefile netfilter: bridge: split ipv6 code into separated file 2015-06-18 21:14:21 +02:00