[PATCH v1 0/9] can: j1939: fix multiple issues found by syzbot

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Most of this issues was found by test provided with following syzbot report:
https://syzkaller.appspot.com/bug?extid=d9536adc269404a984f8

Other syzbot reports are probably different incarnation of the same or
combination of bugs:

https://syzkaller.appspot.com/bug?extid=07bb74aeafc88ba7d5b4
https://syzkaller.appspot.com/bug?extid=4857323ec1bb236f6a45
https://syzkaller.appspot.com/bug?extid=6d04f6a1b31a0ae12ca9
https://syzkaller.appspot.com/bug?extid=7044ea77452b6f92b4fd
https://syzkaller.appspot.com/bug?extid=95c8e0d9dffde15b6c5c
https://syzkaller.appspot.com/bug?extid=db4869ba599c0de9b13e
https://syzkaller.appspot.com/bug?extid=feff46f1778030d14234

Oleksij Rempel (9):
  can: af_can: export can_sock_destruct()
  can: j1939: move j1939_priv_put() into sk_destruct callback
  can: j1939: main: j1939_ndev_to_priv(): avoid crash if can_ml_priv is
    NULL
  can: j1939: socket: rework socket locking for j1939_sk_release() and
    j1939_sk_sendmsg()
  can: j1939: transport: make sure the aborted session will be
    deactivated only once
  can: j1939: make sure socket is held as long as session exists
  can: j1939: transport: j1939_cancel_active_session(): use
    hrtimer_try_to_cancel() instead of hrtimer_cancel()
  can: j1939: j1939_can_recv(): add priv refcounting
  can: j1939: warn if resources are still linked on destroy

 include/linux/can/core.h  |  1 +
 net/can/af_can.c          |  3 +-
 net/can/j1939/main.c      |  9 ++++
 net/can/j1939/socket.c    | 94 ++++++++++++++++++++++++++++++---------
 net/can/j1939/transport.c | 36 +++++++++++----
 5 files changed, 113 insertions(+), 30 deletions(-)

-- 
2.24.0.rc1




[Index of Archives]     [Automotive Discussions]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]     [CAN Bus]

  Powered by Linux