OpenCloudOS-Kernel/net/sched
Cong Wang 50317fce2c net_sched: avoid matching qdisc with zero handle
Davide found the following script triggers a NULL pointer
dereference:

ip l a name eth0 type dummy
tc q a dev eth0 parent :1 handle 1: htb

This is because for a freshly created netdevice noop_qdisc
is attached and when passing 'parent :1', kernel actually
tries to match the major handle which is 0 and noop_qdisc
has handle 0 so is matched by mistake. Commit 69012ae425
tries to fix a similar bug but still misses this case.

Handle 0 is not a valid one, should be just skipped. In
fact, kernel uses it as TC_H_UNSPEC.

Fixes: 69012ae425 ("net: sched: fix handling of singleton qdiscs with qdisc_hash")
Fixes: 59cc1f61f0 ("net: sched:convert qdisc linked list to hashtable")
Reported-by: Davide Caratti <dcaratti@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-10-29 17:55:03 +09:00
..
Kconfig net: sched: select cls when cls_act is enabled 2017-06-05 10:56:36 -04:00
Makefile net/sched: Introduce sample tc action 2017-01-24 13:44:28 -05:00
act_api.c net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker 2017-09-13 09:34:08 -07:00
act_bpf.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_connmark.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_csum.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_gact.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_ife.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_ipt.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_meta_mark.c Support to encoding decoding skb mark on IFE action 2016-03-01 17:15:23 -05:00
act_meta_skbprio.c Support to encoding decoding skb prio on IFE action 2016-03-01 17:15:23 -05:00
act_meta_skbtcindex.c net sched ife action: Introduce skb tcindex metadata encap decap 2016-09-19 21:55:28 -04:00
act_mirred.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_nat.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_pedit.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_police.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_sample.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_simple.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_skbedit.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_skbmod.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_tunnel_key.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
act_vlan.c net/sched: Change act_api and act_xxx modules to use IDR 2017-08-30 14:38:51 -07:00
cls_api.c net_sched: carefully handle tcf_block_put() 2017-09-12 20:41:02 -07:00
cls_basic.c net_sched: add reverse binding for tc class 2017-08-31 11:40:52 -07:00
cls_bpf.c net_sched: add reverse binding for tc class 2017-08-31 11:40:52 -07:00
cls_cgroup.c net_sched: use void pointer for filter handle 2017-08-07 14:12:17 -07:00
cls_flow.c net_sched: use void pointer for filter handle 2017-08-07 14:12:17 -07:00
cls_flower.c net/sched: cls_flower: Set egress_dev mark when calling into the HW driver 2017-10-16 21:18:59 +01:00
cls_fw.c net_sched: add reverse binding for tc class 2017-08-31 11:40:52 -07:00
cls_matchall.c net/sched: cls_matchall: fix crash when used with classful qdisc 2017-09-18 16:37:36 -07:00
cls_route.c net_sched: add reverse binding for tc class 2017-08-31 11:40:52 -07:00
cls_rsvp.c
cls_rsvp.h net/sched: fix pointer check in gen_handle 2017-09-11 14:34:52 -07:00
cls_rsvp6.c
cls_tcindex.c net_sched: add reverse binding for tc class 2017-08-31 11:40:52 -07:00
cls_u32.c net_sched: add reverse binding for tc class 2017-08-31 11:40:52 -07:00
em_canid.c net: sched: remove tcf_proto from ematch calls 2014-10-06 18:02:32 -04:00
em_cmp.c
em_ipset.c netfilter: x_tables: move hook state into xt_action_param structure 2016-11-03 10:56:21 +01:00
em_meta.c net: convert sock.sk_refcnt from atomic_t to refcount_t 2017-07-01 07:39:08 -07:00
em_nbyte.c net: sched: remove tcf_proto from ematch calls 2014-10-06 18:02:32 -04:00
em_text.c net: Remove state argument from skb_find_text() 2015-02-22 15:59:54 -05:00
em_u32.c
ematch.c netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
sch_api.c net_sched: avoid matching qdisc with zero handle 2017-10-29 17:55:03 +09:00
sch_atm.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_blackhole.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_cbq.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_choke.c treewide: use kv[mz]alloc* rather than opencoded variants 2017-05-08 17:15:13 -07:00
sch_codel.c netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
sch_drr.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_dsmark.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_fifo.c sched: don't use skb queue helpers 2016-09-19 01:47:18 -04:00
sch_fq.c mm, tree wide: replace __GFP_REPEAT by __GFP_RETRY_MAYFAIL with more useful semantic 2017-07-12 16:26:03 -07:00
sch_fq_codel.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_generic.c net_sched: always reset qdisc backlog in qdisc_reset() 2017-09-21 11:56:32 -07:00
sch_gred.c netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
sch_hfsc.c net_sched/hfsc: fix curve activation in hfsc_change_class() 2017-09-21 11:56:32 -07:00
sch_hhf.c sch_hhf: fix null pointer dereference on init failure 2017-08-30 15:26:11 -07:00
sch_htb.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_ingress.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_mq.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_mqprio.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_multiq.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_netem.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_pie.c netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
sch_plug.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_prio.c sched: Use __qdisc_drop instead of kfree_skb in sch_prio and sch_qfq 2017-09-06 21:20:07 -07:00
sch_qfq.c sched: Use __qdisc_drop instead of kfree_skb in sch_prio and sch_qfq 2017-09-06 21:20:07 -07:00
sch_red.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_sfb.c net_sched: remove tc class reference counting 2017-08-25 17:19:10 -07:00
sch_sfq.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_tbf.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
sch_teql.c net: make ndo_get_stats64 a void function 2017-01-08 17:51:44 -05:00