armbian/linux-cix
0
0
Fork 0
mirror of https://github.com/armbian/linux-cix.git synced 2026-01-06 12:30:45 -08:00
Code Issues Packages Projects Releases Wiki Activity
1,226,664 Commits 9 Branches 2 Tags
e3145ca904fa8dbfd1a5bf0187905bc117b0efce
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Nikolay Aleksandrov e3145ca904 net: bridge: mcast: wait for previous gc cycles when removing port 
[ Upstream commit 92c4ee25208d0f35dafc3213cdf355fbe449e078 ]

syzbot hit a use-after-free[1] which is caused because the bridge doesn't
make sure that all previous garbage has been collected when removing a
port. What happens is:
      CPU 1                   CPU 2
 start gc cycle           remove port
                         acquire gc lock first
 wait for lock
                         call br_multicasg_gc() directly
 acquire lock now but    free port
 the port can be freed
 while grp timers still
 running

Make sure all previous gc cycles have finished by using flush_work before
freeing the port.

[1]
  BUG: KASAN: slab-use-after-free in br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861
  Read of size 8 at addr ffff888071d6d000 by task syz.5.1232/9699

  CPU: 1 PID: 9699 Comm: syz.5.1232 Not tainted 6.10.0-rc5-syzkaller-00021-g24ca36a562d6 #0
  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
  Call Trace:
   <IRQ>
   __dump_stack lib/dump_stack.c:88 [inline]
   dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114
   print_address_description mm/kasan/report.c:377 [inline]
   print_report+0xc3/0x620 mm/kasan/report.c:488
   kasan_report+0xd9/0x110 mm/kasan/report.c:601
   br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861
   call_timer_fn+0x1a3/0x610 kernel/time/timer.c:1792
   expire_timers kernel/time/timer.c:1843 [inline]
   __run_timers+0x74b/0xaf0 kernel/time/timer.c:2417
   __run_timer_base kernel/time/timer.c:2428 [inline]
   __run_timer_base kernel/time/timer.c:2421 [inline]
   run_timer_base+0x111/0x190 kernel/time/timer.c:2437

Reported-by: syzbot+263426984509be19c9a0@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=263426984509be19c9a0
Fixes: e12cec65b5 ("net: bridge: mcast: destroy all entries via gc")
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>
Link: https://patch.msgid.link/20240802080730.3206303-1-razor@blackwall.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-08-14 13:58:39 +02:00
arch
x86/mm: Fix pti_clone_entry_text() for i386
2024-08-14 13:58:38 +02:00
block
block: fix deadlock between sd_remove & sd_release
2024-08-03 08:54:24 +02:00
certs
certs: Reference revocation list for all keyrings
2023-08-17 20:12:41 +00:00
crypto
crypto: aead,cipher - zeroize key buffer after use
2024-07-11 12:49:04 +02:00
Documentation
dt-bindings: thermal: correct thermal zone node name limit
2024-08-03 08:54:12 +02:00
drivers
net: usb: qmi_wwan: fix memory leak for not ip packets
2024-08-14 13:58:39 +02:00
fs
smb: client: handle lack of FSCTL_GET_REPARSE_POINT support
2024-08-14 13:58:38 +02:00
include
platform/x86/intel/ifs: Gen2 Scan test support
2024-08-14 13:58:37 +02:00
init
rust: SHADOW_CALL_STACK is incompatible with Rust
2024-08-11 12:47:24 +02:00
io_uring
io_uring: fix io_match_task must_hold
2024-08-03 08:54:41 +02:00
ipc
sysctl: treewide: drop unused argument ctl_table_root::set_ownership(table)
2024-08-11 12:47:13 +02:00
kernel
jump_label: Fix the fix, brown paper bags galore
2024-08-14 13:58:38 +02:00
lib
lib/build_OID_registry: don't mention the full path of the script in output
2024-08-03 08:54:32 +02:00
LICENSES
LICENSES: Add the copyleft-next-0.3.1 license
2022-11-08 15:44:01 +01:00
mm
mm/page_alloc: fix pcp->count race between drain_pages_zone() vs __rmqueue_pcplist()
2024-08-11 12:47:16 +02:00
net
net: bridge: mcast: wait for previous gc cycles when removing port
2024-08-14 13:58:39 +02:00
rust
rust: kernel: require Send for Module implementations
2024-05-17 12:01:56 +02:00
samples
work around gcc bugs with 'asm goto' with outputs
2024-02-23 09:24:47 +01:00
scripts
kbuild: avoid build error when single DTB is turned into composite DTB
2024-08-03 08:54:36 +02:00
security
apparmor: Fix null pointer deref when receiving skb during sock creation
2024-08-03 08:54:38 +02:00
sound
Revert "ALSA: firewire-lib: operate for period elapse event in process context"
2024-08-11 12:47:25 +02:00
tools
selftests: mptcp: join: check backup support in signal endp
2024-08-11 12:47:27 +02:00
usr
initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP
2023-06-06 17:54:49 +09:00
virt
KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()
2024-06-27 13:49:11 +02:00
.clang-format
iommu: Add for_each_group_device()
2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitattributes: set diff driver for Rust source code files
2023-05-31 17:48:25 +02:00
.gitignore
kbuild: rpm-pkg: rename binkernel.spec to kernel.spec
2023-07-25 00:59:33 +09:00
.mailmap
Merge tag 'mm-hotfixes-stable-2023-10-24-09-40' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2023-10-24 09:52:16 -10:00
.rustfmt.toml
COPYING
CREDITS
USB: Remove Wireless USB and UWB documentation
2023-08-09 14:17:32 +02:00
Kbuild
Merge tag 'kbuild-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2022-10-10 12:00:45 -07:00
Kconfig
MAINTAINERS
pwm: Rename pwm_apply_state() to pwm_apply_might_sleep()
2024-06-12 11:12:24 +02:00
Makefile
Linux 6.6.45
2024-08-11 12:47:28 +02:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 2.8 GiB
Languages
C 97.5%
Assembly 1.1%
Shell 0.5%
Makefile 0.3%
Python 0.3%