net/packet: rx_owner_map depends on pg_vec (ec6af094) · Commits · Mirrors / github.com / raspberrypi_linux · GitLab

Commit ec6af094 authored Dec 15, 2021 by

Willem de Bruijn Committed by Jakub Kicinski Dec 15, 2021

net/packet: rx_owner_map depends on pg_vec

Packet sockets may switch ring versions. Avoid misinterpreting state
between versions, whose fields share a union. rx_owner_map is only
allocated with a packet ring (pg_vec) and both are swapped together.
If pg_vec is NULL, meaning no packet ring was allocated, then neither
was rx_owner_map. And the field may be old state from a tpacket_v3.

Fixes: 61fad681 ("net/packet: tpacket_rcv: avoid a producer race condition")
Reported-by: Syzbot <syzbot+1ac0994a0a0c55151121@syzkaller.appspotmail.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20211215143937.106178-1-willemdebruijn.kernel@gmail.com

Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent 48122177

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 7da349f0
· Dec 23, 2021

mentioned in commit 7da349f0

mentioned in commit 7da349f07e457cad135df0920a3f670e423fb5e9

Toggle commit list

Please register or to comment