This is a note to let you know that I've just added the patch titled
bridge: use br_port_get_rtnl within rtnl lock
to the 3.11-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
bridge-use-br_port_get_rtnl-within-rtnl-lock.patch
and it can be found in the queue-3.11 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From b4b76708ba3428a64594f7bac50c60a789dbd592 Mon Sep 17 00:00:00 2001
From: Hong Zhiguo <zhiguohong@xxxxxxxxxxx>
Date: Sat, 14 Sep 2013 22:42:27 +0800
Subject: bridge: use br_port_get_rtnl within rtnl lock
From: Hong Zhiguo <zhiguohong@xxxxxxxxxxx>
[ Upstream commit 1fb1754a8c70d69ab480763c423e0a74369c4a67 ]
current br_port_get_rcu is problematic in bridging path
(NULL deref). Change these calls in netlink path first.
Signed-off-by: Hong Zhiguo <zhiguohong@xxxxxxxxxxx>
Acked-by: Eric Dumazet <edumazet@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/bridge/br_netlink.c | 4 ++--
net/bridge/br_private.h | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -207,7 +207,7 @@ int br_getlink(struct sk_buff *skb, u32
struct net_device *dev, u32 filter_mask)
{
int err = 0;
- struct net_bridge_port *port = br_port_get_rcu(dev);
+ struct net_bridge_port *port = br_port_get_rtnl(dev);
/* not a bridge port and */
if (!port && !(filter_mask & RTEXT_FILTER_BRVLAN))
@@ -451,7 +451,7 @@ static size_t br_get_link_af_size(const
struct net_port_vlans *pv;
if (br_port_exists(dev))
- pv = nbp_get_vlan_info(br_port_get_rcu(dev));
+ pv = nbp_get_vlan_info(br_port_get_rtnl(dev));
else if (dev->priv_flags & IFF_EBRIDGE)
pv = br_get_vlan_info((struct net_bridge *)netdev_priv(dev));
else
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -208,7 +208,7 @@ static inline struct net_bridge_port *br
return br_port_exists(dev) ? port : NULL;
}
-static inline struct net_bridge_port *br_port_get_rtnl(struct net_device *dev)
+static inline struct net_bridge_port *br_port_get_rtnl(const struct net_device *dev)
{
return br_port_exists(dev) ?
rtnl_dereference(dev->rx_handler_data) : NULL;
Patches currently in stable-queue which might be from zhiguohong@xxxxxxxxxxx are
queue-3.11/bridge-use-br_port_get_rtnl-within-rtnl-lock.patch
queue-3.11/bridge-fix-null-pointer-deref-of-br_port_get_rcu.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html