UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,228,230 Commits 6 Branches 27 Tags 3.2 GiB
C 97%
Assembly 1.4%
C++ 0.6%
Makefile 0.3%
Shell 0.3%
Other 0.3%
Go to file
Honglin Li 26941c0f5e rue/net: avoid wrong memory access to struct net_device 
It assigns the net_device pointer of network interface to
sock->in_dev in cls_tc_rx_hook() in the receiving process.
The use of a sock->in_dev pointer can potentially lead to
wrong memory access if the memory of struct net_device is
freed after network interface is unregistered, which may
cause kernel crash.

The above use after free issue causes a crash as follows:

BUG: unable to handle page fault for address: ffffffed698999c8
CPU: 50 PID: 1290732 Comm: kubelet Kdump: loaded
Tainted: G O K 5.4.119-1-tlinux4-0009.1 #1
RIP: 0010:cls_cgroup_tx_accept+0x5e/0x120
Call Trace:
 <IRQ>
 cls_tc_tx_hook+0x10d/0x1a0
 nf_hook_slow+0x43/0xc0
 __ip_local_out+0xcb/0x130
 ? ip_forward_options+0x190/0x190
 ip_local_out+0x1c/0x40
 __ip_queue_xmit+0x162/0x3d0
 ? rx_cgroup_throttle.isra.4+0x2b0/0x2b0
 ip_queue_xmit+0x10/0x20
 __tcp_transmit_skb+0x57f/0xbe0
 __tcp_retransmit_skb+0x1b0/0x8a0
 tcp_retransmit_skb+0x19/0xd0
 tcp_retransmit_timer+0x367/0xa80
 ? kvm_clock_get_cycles+0x11/0x20
 ? ktime_get+0x34/0x90
 tcp_write_timer_handler+0x93/0x1f0
 tcp_write_timer+0x7c/0x80
 ? tcp_write_timer_handler+0x1f0/0x1f0
 call_timer_fn+0x35/0x130
 run_timer_softirq+0x1a8/0x420
 ? ktime_get+0x34/0x90
 ? clockevents_program_event+0x85/0xe0
 __do_softirq+0x8c/0x2d7
 ? hrtimer_interrupt+0x12a/0x210
 irq_exit+0xa3/0xb0
 smp_apic_timer_interrupt+0x77/0x130
 apic_timer_interrupt+0xf/0x20
 </IRQ>

We introduce indev_ifindex as a new struct filed to record
the ifindex of net_device, and then indev_ifindex can be
used for obtaining an index to avoid direct memory access
to struct members of in_dev pointer.

Fixes: f8829546f3b3 ("rue/net: init netcls traffic controller")
Signed-off-by: Honglin Li <honglinli@tencent.com>
Reviewed-by: Ze Gao <zegao@tencent.com>
 		2024-09-27 11:13:30 +08:00
Documentation Merge linux 6.6.47 2024-08-24 09:43:23 +08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
arch rue: init rue module 2024-09-27 11:13:29 +08:00
block blkcg/diskstats: Fix the extra cpu parameter 2024-09-27 11:13:29 +08:00
certs certs: Reference revocation list for all keyrings 2023-08-17 20:12:41 +00:00
crypto Merge linux 6.6.39 2024-07-17 14:19:57 +08:00
dist rue: init rue module 2024-09-27 11:13:29 +08:00
drivers rue/net: avoid wrong memory access to struct net_device 2024-09-27 11:13:30 +08:00
fs Merge linux 6.6.47 2024-08-24 09:43:23 +08:00
include rue/net: avoid wrong memory access to struct net_device 2024-09-27 11:13:30 +08:00
init rue: init rue module 2024-09-27 11:13:29 +08:00
io_uring io_uring: fix io_match_task must_hold 2024-08-03 08:54:41 +02:00
ipc sysctl: treewide: drop unused argument ctl_table_root::set_ownership(table) 2024-08-11 12:47:13 +02:00
kernel rue/net: adapt to the new rue modular framework 2024-09-27 11:13:30 +08:00
lib Merge linux 6.6.44 2024-08-05 17:22:57 +08:00
mm mm: set default watermark_boost_factor value to 0 2024-09-27 11:13:28 +08:00
net rue/net: avoid wrong memory access to struct net_device 2024-09-27 11:13:30 +08:00
rust rust: kernel: require `Send` for `Module` implementations 2024-05-17 12:01:56 +02:00
samples bpf: Replace bpf_lpm_trie_key 0-length array with flexible array 2024-08-19 06:04:27 +02:00
scripts config,oc: support WLAN and MTD and more SND drivers 2024-08-26 16:33:47 +08:00
security Merge linux 6.6.44 2024-08-05 17:22:57 +08:00
sound Merge linux 6.6.47 2024-08-24 09:43:23 +08:00
tools Merge OKC next branch to TK5 master branch 2024-08-27 19:48:02 +08:00
usr initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP 2023-06-06 17:54:49 +09:00
virt KVM: Setup empty IRQ routing when creating a VM 2024-08-14 17:08:55 +08:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes dist: initial support 2023-12-12 15:56:34 +08:00
.gitignore dist: initial support 2023-12-12 15:56:34 +08:00
.gitmodules drivers/thirdparty: put release-drivers in tree 2024-08-27 17:10:54 +08:00
.mailmap 20 hotfixes. 12 are cc:stable and the remainder address post-6.5 issues 2023-10-24 09:52:16 -10:00
.rustfmt.toml rust: add `.rustfmt.toml` 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS USB: Remove Wireless USB and UWB documentation 2023-08-09 14:17:32 +02:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kconfig: Fix duplicate "Tencent Kernel Features" menu config 2024-06-24 20:23:33 +08:00
MAINTAINERS hwmon: Add support for Zhaoxin core temperature monitoring 2024-08-20 10:57:54 +08:00
Makefile Merge linux 6.6.47 2024-08-24 09:43:23 +08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00
config-readme Makefile, dist: add "make tencentconfig" support 2024-03-04 13:25:26 +08:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.