git.stricted.de - GitHub/LineageOS/android_kernel_motorola

author	Octavian Purdila <opurdila@ixiacom.com>
	Thu, 16 Dec 2010 22:26:56 +0000 (14:26 -0800)
committer	David S. Miller <davem@davemloft.net>
	Thu, 16 Dec 2010 22:26:56 +0000 (14:26 -0800)
commit	fcbdf09d9652c8919dcf47072e3ae7dcb4eb98ac
tree	51e3cc1fbd813a880ea09dc31a12683b73d87e05	tree \| snapshot (tar.gz zip)
parent	2984961c388381c1830f95e1c2dc2137301b1009	commit \| diff

net: fix nulls list corruptions in sk_prot_alloc

Special care is taken inside sk_port_alloc to avoid overwriting
skc_node/skc_nulls_node. We should also avoid overwriting
skc_bind_node/skc_portaddr_node.

The patch fixes the following crash:

BUG: unable to handle kernel paging request at fffffffffffffff0
IP: [<ffffffff812ec6dd>] udp4_lib_lookup2+0xad/0x370
[<ffffffff812ecc22>] __udp4_lib_lookup+0x282/0x360
[<ffffffff812ed63e>] __udp4_lib_rcv+0x31e/0x700
[<ffffffff812bba45>] ? ip_local_deliver_finish+0x65/0x190
[<ffffffff812bbbf8>] ? ip_local_deliver+0x88/0xa0
[<ffffffff812eda35>] udp_rcv+0x15/0x20
[<ffffffff812bba45>] ip_local_deliver_finish+0x65/0x190
[<ffffffff812bbbf8>] ip_local_deliver+0x88/0xa0
[<ffffffff812bb2cd>] ip_rcv_finish+0x32d/0x6f0
[<ffffffff8128c14c>] ? netif_receive_skb+0x99c/0x11c0
[<ffffffff812bb94b>] ip_rcv+0x2bb/0x350
[<ffffffff8128c14c>] netif_receive_skb+0x99c/0x11c0

Signed-off-by: Leonard Crestez <lcrestez@ixiacom.com>
Signed-off-by: Octavian Purdila <opurdila@ixiacom.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/sock.h		diff \| blob \| blame \| history
net/core/sock.c		diff \| blob \| blame \| history
net/ipv4/udp.c		diff \| blob \| blame \| history
net/ipv4/udplite.c		diff \| blob \| blame \| history
net/ipv6/udp.c		diff \| blob \| blame \| history
net/ipv6/udplite.c		diff \| blob \| blame \| history