On Fri, Mar 22, 2019 at 5:37 AM John Hurley <john.hur...@netronome.com> wrote:
>
> A new mirred action is created by the tcf_mirred_init function. This
> contains a list head struct which is inserted into a global list on
> successful creation of a new action. However, after a creation, it is
> still possible to error out and call the tcf_idr_release function. This,
> in turn, calls the act_mirr cleanup function via __tcf_idr_release and
> __tcf_action_put. This cleanup function tries to delete the list entry
> which is as yet uninitialised, leading to a NULL pointer exception.
>
> Fix this by initialising the list entry on creation of a new action.
...
>
> Fixes: 4e232818bd32 ("net: sched: act_mirred: remove dependency on rtnl lock")
> Signed-off-by: John Hurley <john.hur...@netronome.com>
> Reviewed-by: Jakub Kicinski <jakub.kicin...@netronome.com>Acked-by: Cong Wang <xiyou.wangc...@gmail.com> Thanks for the update!
