From mboxrd@z Thu Jan  1 00:00:00 1970
From: David Ahern <dsahern@gmail.com>
Subject: Re: [PATCH net] net/ipv6: respect rcu grace period before freeing
 fib6_info
Date: Mon, 18 Jun 2018 09:49:00 -0600
Message-ID: <860a906b-cd26-7d56-0319-e961e8f15df4@gmail.com>
References: <20180618122431.131265-1-edumazet@google.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: netdev <netdev@vger.kernel.org>,
        Eric Dumazet <eric.dumazet@gmail.com>
To: Eric Dumazet <edumazet@google.com>,
        "David S . Miller" <davem@davemloft.net>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mail-pg0-f68.google.com ([74.125.83.68]:37806 "EHLO
        mail-pg0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752901AbeFRPtE (ORCPT
        <rfc822;netdev@vger.kernel.org>); Mon, 18 Jun 2018 11:49:04 -0400
Received: by mail-pg0-f68.google.com with SMTP id r21-v6so7722397pgv.4
        for <netdev@vger.kernel.org>; Mon, 18 Jun 2018 08:49:03 -0700 (PDT)
In-Reply-To: <20180618122431.131265-1-edumazet@google.com>
Content-Language: en-US
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On 6/18/18 6:24 AM, Eric Dumazet wrote:
> syzbot reported use after free that is caused by fib6_info being
> freed without a proper RCU grace period.
> 

...

> Fixes: a64efe142f5e ("net/ipv6: introduce fib6_info struct and helpers")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Cc: David Ahern <dsahern@gmail.com>
> Reported-by: syzbot+9e6d75e3edef427ee888@syzkaller.appspotmail.com
> ---
>  include/net/ip6_fib.h | 5 +++--
>  net/ipv6/ip6_fib.c    | 5 +++--
>  2 files changed, 6 insertions(+), 4 deletions(-)
> 

I wondered if that was needed when flipping to the new data struct.
Apparently so. Thanks for the patch,

Acked-by: David Ahern <dsahern@gmail.com>
Tested-by: David Ahern <dsahern@gmail.com>