On Thu, 2013-05-09 at 16:23 +0200, Jiri Pirko wrote: > Currently, if macvlan in passthru mode is created and data are rxed and > you remove this device, following panic happens: > > NULL pointer dereference at 0000000000000198 > IP: [<ffffffffa0196058>] macvlan_handle_frame+0x153/0x1f7 [macvlan] > ... > > Reason of the panic is that list_first_entry() is blindly called in > macvlan_handle_frame() even if the list was empty. vlan is set to > incorrect pointer which leads to the crash. > > I'm fixing this by protecting port->vlans list by rcu and by preventing > from getting incorrect pointer in case the list is empty. > > Introduced by: commit eb06acdc85585f2 "macvlan: Introduce 'passthru' mode to > takeover the underlying device" > > Signed-off-by: Jiri Pirko <[email protected]> > ---
Acked-by: Eric Dumazet <[email protected]> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
