From: <gregkh@linuxfoundation.org>
To: davej@codemonkey.org.uk, davem@davemloft.net,
gregkh@linuxfoundation.org, holger@applied-asynchrony.com,
kafai@fb.com
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
Subject: Patch "ipv6: release dst in ping_v6_sendmsg" has been added to the 4.4-stable tree
Date: Sun, 25 Sep 2016 17:07:33 +0200 [thread overview]
Message-ID: <147481605312432@kroah.com> (raw)
This is a note to let you know that I've just added the patch titled
ipv6: release dst in ping_v6_sendmsg
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
ipv6-release-dst-in-ping_v6_sendmsg.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
>>From foo@baz Wed Sep 21 12:45:10 CEST 2016
From: Dave Jones <davej@codemonkey.org.uk>
Date: Fri, 2 Sep 2016 14:39:50 -0400
Subject: ipv6: release dst in ping_v6_sendmsg
From: Dave Jones <davej@codemonkey.org.uk>
[ Upstream commit 03c2778a938aaba0893f6d6cdc29511d91a79848 ]
Neither the failure or success paths of ping_v6_sendmsg release
the dst it acquires. This leads to a flood of warnings from
"net/core/dst.c:288 dst_release" on older kernels that
don't have 8bf4ada2e21378816b28205427ee6b0e1ca4c5f1 backported.
That patch optimistically hoped this had been fixed post 3.10, but
it seems at least one case wasn't, where I've seen this triggered
a lot from machines doing unprivileged icmp sockets.
Cc: Martin Lau <kafai@fb.com>
Signed-off-by: Dave Jones <davej@codemonkey.org.uk>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tested-by: Holger Hoffstätte <holger@applied-asynchrony.com>
---
net/ipv6/ping.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
--- a/net/ipv6/ping.c
+++ b/net/ipv6/ping.c
@@ -150,8 +150,10 @@ int ping_v6_sendmsg(struct sock *sk, str
rt = (struct rt6_info *) dst;
np = inet6_sk(sk);
- if (!np)
- return -EBADF;
+ if (!np) {
+ err = -EBADF;
+ goto dst_err_out;
+ }
if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr))
fl6.flowi6_oif = np->mcast_oif;
@@ -186,6 +188,9 @@ int ping_v6_sendmsg(struct sock *sk, str
}
release_sock(sk);
+dst_err_out:
+ dst_release(dst);
+
if (err)
return err;
Patches currently in stable-queue which might be from davej@codemonkey.org.uk are
queue-4.4/ipv6-release-dst-in-ping_v6_sendmsg.patch
reply other threads:[~2016-09-25 15:07 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=147481605312432@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=davej@codemonkey.org.uk \
--cc=davem@davemloft.net \
--cc=holger@applied-asynchrony.com \
--cc=kafai@fb.com \
--cc=stable-commits@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.