From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Subject: Re: [PATCH] NET: mkiss: Fix panic Date: Fri, 10 Feb 2017 13:42:00 -0500 (EST) Message-ID: <20170210.134200.637935062739586183.davem@davemloft.net> References: <20170209131211.GA16072@linux-mips.org> Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, akpm@linux-foundation.org, linux-kernel@vger.kernel.org, thomas@osterried.de To: ralf@linux-mips.org Return-path: In-Reply-To: <20170209131211.GA16072@linux-mips.org> Sender: linux-kernel-owner@vger.kernel.org List-Id: netdev.vger.kernel.org From: Ralf Baechle Date: Thu, 9 Feb 2017 14:12:11 +0100 > If a USB-to-serial adapter is unplugged, the driver re-initializes, with > dev->hard_header_len and dev->addr_len set to zero, instead of the correct > values. If then a packet is sent through the half-dead interface, the > kernel will panic due to running out of headroom in the skb when pushing > for the AX.25 headers resulting in this panic: > > [] (skb_panic) from [] (skb_push+0x4c/0x50) > [] (skb_push) from [] (ax25_hard_header+0x34/0xf4 [ax25]) > [] (ax25_hard_header [ax25]) from [] (ax_header+0x38/0x40 [mkiss]) > [] (ax_header [mkiss]) from [] (neigh_compat_output+0x8c/0xd8) > [] (neigh_compat_output) from [] (ip_finish_output+0x2a0/0x914) > [] (ip_finish_output) from [] (ip_output+0xd8/0xf0) > [] (ip_output) from [] (ip_local_out_sk+0x44/0x48) > > This patch makes mkiss behave like the 6pack driver. 6pack does not > panic. In 6pack.c sp_setup() (same function name here) the values for > dev->hard_header_len and dev->addr_len are set to the same values as in > my mkiss patch. > > [ralf@linux-mips.org: Massages original submission to conform to the usual > standards for patch submissions.] > > Signed-off-by: Thomas Osterried > Signed-off-by: Ralf Baechle Applied, thank you.