linux

History

David Howells d0d5c0cd1e rxrpc: Use skb_unshare() rather than skb_cow_data() The in-place decryption routines in AF_RXRPC's rxkad security module currently call skb_cow_data() to make sure the data isn't shared and that the skb can be written over. This has a problem, however, as the softirq handler may be still holding a ref or the Rx ring may be holding multiple refs when skb_cow_data() is called in rxkad_verify_packet() - and so skb_shared() returns true and __pskb_pull_tail() dislikes that. If this occurs, something like the following report will be generated. kernel BUG at net/core/skbuff.c:1463! ... RIP: 0010:pskb_expand_head+0x253/0x2b0 ... Call Trace: __pskb_pull_tail+0x49/0x460 skb_cow_data+0x6f/0x300 rxkad_verify_packet+0x18b/0xb10 [rxrpc] rxrpc_recvmsg_data.isra.11+0x4a8/0xa10 [rxrpc] rxrpc_kernel_recv_data+0x126/0x240 [rxrpc] afs_extract_data+0x51/0x2d0 [kafs] afs_deliver_fs_fetch_data+0x188/0x400 [kafs] afs_deliver_to_call+0xac/0x430 [kafs] afs_wait_for_call_to_complete+0x22f/0x3d0 [kafs] afs_make_call+0x282/0x3f0 [kafs] afs_fs_fetch_data+0x164/0x300 [kafs] afs_fetch_data+0x54/0x130 [kafs] afs_readpages+0x20d/0x340 [kafs] read_pages+0x66/0x180 __do_page_cache_readahead+0x188/0x1a0 ondemand_readahead+0x17d/0x2e0 generic_file_read_iter+0x740/0xc10 __vfs_read+0x145/0x1a0 vfs_read+0x8c/0x140 ksys_read+0x4a/0xb0 do_syscall_64+0x43/0xf0 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Fix this by using skb_unshare() instead in the input path for DATA packets that have a security index != 0. Non-DATA packets don't need in-place encryption and neither do unencrypted DATA packets. Fixes: `248f219cb8` ("rxrpc: Rewrite the data and ack handling code") Reported-by: Julian Wollrath <jwollrath@web.de> Signed-off-by: David Howells <dhowells@redhat.com>		2019-08-27 10:13:46 +01:00
..
Kconfig	treewide: Add SPDX license identifier - Makefile/Kconfig	2019-05-21 10:50:46 +02:00
Makefile	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
af_rxrpc.c	rxrpc: Don't bother generating maxSkew in the ACK packet	2019-08-09 15:24:00 +01:00
ar-internal.h	rxrpc: Use skb_unshare() rather than skb_cow_data()	2019-08-27 10:13:46 +01:00
call_accept.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
call_event.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
call_object.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
conn_client.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
conn_event.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
conn_object.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
conn_service.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
input.c	rxrpc: Use skb_unshare() rather than skb_cow_data()	2019-08-27 10:13:46 +01:00
insecure.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
key.c	Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"	2019-07-10 18:43:43 -07:00
local_event.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
local_object.c	rxrpc: Fix read-after-free in rxrpc_queue_local()	2019-08-14 11:37:51 +01:00
misc.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
net_ns.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
output.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
peer_event.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
peer_object.c	rxrpc: Fix potential deadlock	2019-07-30 14:42:50 +01:00
proc.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
protocol.h	rxrpc: Improve jumbo packet counting	2019-08-27 09:48:37 +01:00
recvmsg.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
rxkad.c	rxrpc: Use skb_unshare() rather than skb_cow_data()	2019-08-27 10:13:46 +01:00
security.c	Keyrings namespacing	2019-07-08 19:36:47 -07:00
sendmsg.c	rxrpc: Use the tx-phase skb flag to simplify tracing	2019-08-27 10:04:18 +01:00
skbuff.c	rxrpc: Use skb_unshare() rather than skb_cow_data()	2019-08-27 10:13:46 +01:00
sysctl.c	proc/sysctl: add shared variables for range check	2019-07-18 17:08:07 -07:00
utils.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00