| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The commit ac160e08af69 ("Bluetooth: Add Advertising Packet
Configuration") introduces wrong indent which causes build warning for
gcc-7. Fix the wrong indent.
Change-Id: Ia0bde8a8f9660ccf8fa312e3c3ec6c8cb76863f1
Fixes: ac160e08af69 ("Bluetooth: Add Advertising Packet Configuration")
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
Reject flags that are not supported with EINVAL.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
[sw0312.kim: backport from mainline to apply supplementary groups on netfilter]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Change-Id: Id867ca48290a8e6627ad7d1b1f159669fc5c44a1
|
|
The XT_OWNER_SUPPL_GROUPS flag causes GIDs specified with XT_OWNER_GID
to be also checked in the supplementary groups of a process.
f_cred->group_info cannot be modified during its lifetime and f_cred
holds a reference to it so it's safe to use.
Signed-off-by: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
[sw0312.kim: backport from mainline to apply supplementary groups on netfilter]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Change-Id: I7a21fc112cde77ae708b84d4b48c8aee339a7642
|
|
There is a logic error in the event function. We should
check the callback function's parameter before calling.
Change-Id: I06a4a8c50317e5ec4ae8fe35e4b788105e090196
Fixes: bde01c80dd51 ("Bluetooth: Set le data length command and event")
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>
|
|
Sets the data length for the le data packet with in the
advised limits. MGMT command and event are added to handle
the setting of data length.
Change-Id: Ia5c2167743cc9a29190e5631973e9d52d41caa1d
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds MGMT command and code for supporting reading
default le data length value set at the controller.
Change-Id: I2b81982dc26ed5af4a8f8a3d3913db5d64625260
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds MGMT command and code for supporting write
default le data length command to the controller.
Change-Id: I3d2c8b622b7913a3ed542342e3ba8076c30dc279
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds the MGMT command and code to support reading
the maximum data length supported command for LE.
Change-Id: I4dc0041f2070de2ccb6a4164c8823612863c941e
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch fixes the IPSP connection callback event issue
between kernel and bluez layer.
Change-Id: Ia4d625aa8a6dbc9da89a7d9f12308af9c90d0594
Signed-off-by: h.sandeep <h.sandeep@samsung.com>
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds MGMT code to support IPSP connect and
disconnect apis and handle connection state changed event.
Change-Id: I1c41ec4f38cf9a108e443def3bc23c1b964e2985
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch supports MGMT commands and code to enable or disable
IPSP 6LowPan features.
Change-Id: Ia866ecfa517c7d7e4320f17d94d80dfeb9261e59
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch fixes not to check the hdev power before setting
LE Privacy.
Change-Id: I344ea13b1d90527e3e7554ec616cdc640b85159c
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch allows to store the key after authentication
if auth type is "HCI_LK_AUTH_COMBINATION_P192"
Change-Id: Ie44dbe7dfec361edab61aceaf9b2ca4057b88fa5
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds code to cancel the sniff timer.
Change-Id: I756d3b08acf6462044d1fb204064fe12ce1238c1
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Add provision to set the link poilicy to enable sniff mode
for incoming connection.
Change-Id: Ifff9e9f0838f26a6c96d81f4cbaae43429aa231f
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch modifies the fast connectable function
to just set the type.
Change-Id: I0cce96f85d823f9798ae7f147c4e33ce7b18e0e3
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch allows to send HCI_OP_AUTH_REQUESTED command
to the remote device if pairing failure happens because
of pin or key missing error.
Change-Id: I9c28394dc06b22fd5fe9e58ac0b7d728c086bde4
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch enables the inquiry and page scan after ACL
disconnection with one device and if there are no other
devices connected.
Change-Id: Ifb28be7d23f237d35112b2e0739ed55169baacf7
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch updates the authentication requirement to general
MITM if local and remote device IO capabilities are not
NO_INPUT_NO_OUTPUT.
Change-Id: Ie3955c3f8287418e74af20d40bdf30d0f1963e31
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch allows to set the supervision timeout for a connection
if the device role is master.
Change-Id: I7897167ec07803f3059f2ab4d3314b0b7a951533
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch sets the filter policy to a default value 0x01 during
LE auto connection if the destination address is not set. And it
updates the destination address once the LE connection complete
event is recieved during LE auto connection. And for it checks
valid destination address before cancelling LE connection when
connection timeout occurs.
Change-Id: I9877556c0b0ab4826f5f4934ead4d85b7837036d
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
[squash patches, LE connection policy, set dest address and check dest address before cancelling connection]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds MGMT command to read the advertising TX power.
Change-Id: Ide9e5d332f034928d2eae2cbd68a025a0d42be1b
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch sets the link policy for SCO/eSCO connection.
Change-Id: I71caef5a3887f73a10329b6886c8cf52b80e8d37
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
[add link policy setting in sco connection]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added code to set sco settings.
Change-Id: I37aa572436241b06e00d1e9e75964aac747eeba5
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
[remove sco link policy part]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds code for providing multiple LE advertisement state
changed event to upper layer.
Change-Id: I58fb8044e74402376ec30b121081edce7c8709d1
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
[divide hci_vendor_mutli_adv_state_change_evt and remove hci event structure from mgmt]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds new MGMT event for LE device discovery and allows
the handling of all advertisement packets in platform.
Change-Id: I1927acb75eff0b60a5899898c6d7a000e1a108ef
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch fixes style for rssi link alert event from vendor
specific group ext.
Change-Id: I0e7003e417c5f5a590cce8264caccad515dd3c10
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch sends the H/W TX timeout error MGMT event if HCI command
timeout occurs after sending HCI commands.
Change-Id: I5eb593f2fe4d31c404dd94ef582790e47d03b10a
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Add code to handle hardware error MGMT event.
Change-Id: I5875ea2aeae7aba95c1f8e15b456704dc6bcdee4
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds the vendor specific LE meta event handler.
It handles the vendor specific handles like,
LE_MULTI_ADV_STATE_CHANGE_SUB_EVENT, LE_RSSI_LINK_ALERT.
Change-Id: I1f344a31e36f9c7442fe0bd8b598e67d9f5fb9bf
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
[divide hci vendor speicif group event function]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added new MGMT command to set LE scan parameters
Change-Id: I5ea660f97e93dfcc72273971ad0250e7f582f718
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added new MGMT command to set the manufacturer data
in the BR/EDR packet.
Change-Id: Ie08062f4cad0c676deab94fd95fdc1a8c5602135
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added new MGMT command to update LE connection parameters
Change-Id: I6ae16513437cd42d40e75958aa8415baa1cbedbb
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added new MGMT command to disable LE auto connection.
Change-Id: I1f5f61b83227501ad54019008b405fd47fd722a3
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch adds new MGMT commands to start LE discovery separately
and handles LE discovery state.
Change-Id: I85958b8c2b5c7e28f57c69e86037ab1e61a75db0
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch updates the device name on receiving the HCI event
remote_name_event during connection establishment.
Change-Id: I9a217e6760b1803a70af201a3f6903e722079749
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added feature support for monitoring the RSSI value.
Commands and events for enabling, disabling and setting
rssi threshold values are added.
Change-Id: I850643a9228afc017e54217a11826b9c6a68a96b
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch provides MGMT commands to manage the white
list which includes, adding, removing and clearing the
devices from white list.
Change-Id: If71107129d3a090ae81448a8122b76accd4f5522
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
This patch provides new MGMT commands to configure
the advertising data and scan response data packets for
LE peripheral devices.
Change-Id: I914d13795f4fb58e5f2e1cadb55086f4bcbc82df
Signed-off-by: Sudha Bheemanna <b.sudha@samsung.com>
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
Added the basic skeleton code for tizen_mgmt_handlers and
mgmt_tizen.h header file.
Change-Id: I8f3100aa79e6673840ba561f0a9c50238ca0880b
Signed-off-by: h.sandeep <h.sandeep@samsung.com>
Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
|
|
clang inlines the dev_ethtool() more aggressively than gcc does, leading
to a larger amount of used stack space:
net/core/ethtool.c:2536:24: error: stack frame size of 1216 bytes in function 'dev_ethtool' [-Werror,-Wframe-larger-than=]
Marking the sub-functions that require the most stack space as
noinline_for_stack gives us reasonable behavior on all compilers.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
[sw0312.kim: cherry-pick mainline commit 3499e87ea041 to remove frame-larger-than build warning with llvm/clang]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Change-Id: I99a8ba2db0d81a6181096ef649531e7d3fcaf3eb
|
|
|
|
commit 526f5b851a96566803ee4bee60d0a34df56c77f8 upstream.
Error message printed:
modprobe: ERROR: could not insert 'tipc': Address family not
supported by protocol.
when modprobe tipc after the following patch: switch order of
device registration, commit 7e27e8d6130c
("tipc: switch order of device registration to fix a crash")
Because sock_create_kern(net, AF_TIPC, ...) called by
tipc_topsrv_create_listener() in the initialization process
of tipc_init_net(), so tipc_socket_init() must be execute before that.
Meanwhile, tipc_net_id need to be initialized when sock_create()
called, and tipc_socket_init() is no need to be called for each namespace.
I add a variable tipc_topsrv_net_ops, and split the
register_pernet_subsys() of tipc into two parts, and split
tipc_socket_init() with initialization of pernet params.
By the way, I fixed resources rollback error when tipc_bcast_init()
failed in tipc_init_net().
Fixes: 7e27e8d6130c ("tipc: switch order of device registration to fix a crash")
Signed-off-by: Junwei Hu <hujunwei4@huawei.com>
Reported-by: Wang Wang <wangwang2@huawei.com>
Reported-by: syzbot+1e8114b61079bfe9cbc5@syzkaller.appspotmail.com
Reviewed-by: Kang Zhou <zhoukang7@huawei.com>
Reviewed-by: Suanming Mou <mousuanming@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
registration"
commit 5593530e56943182ebb6d81eca8a3be6db6dbba4 upstream.
This reverts commit 532b0f7ece4cb2ffd24dc723ddf55242d1188e5e.
More revisions coming up.
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit e9666d10a5677a494260d60d1fa0b73cc7646eb3 upstream.
Currently, CONFIG_JUMP_LABEL just means "I _want_ to use jump label".
The jump label is controlled by HAVE_JUMP_LABEL, which is defined
like this:
#if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_JUMP_LABEL)
# define HAVE_JUMP_LABEL
#endif
We can improve this by testing 'asm goto' support in Kconfig, then
make JUMP_LABEL depend on CC_HAS_ASM_GOTO.
Ugly #ifdef HAVE_JUMP_LABEL will go away, and CONFIG_JUMP_LABEL will
match to the real kernel capability.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
[nc: Fix trivial conflicts in 4.19
arch/xtensa/kernel/jump_label.c doesn't exist yet
Ensured CC_HAVE_ASM_GOTO and HAVE_JUMP_LABEL were sufficiently
eliminated]
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
[ Upstream commit c3f4a6c39cf269a40d45f813c05fa830318ad875 ]
On device surprise removal path (the notifier) we can't
bail just because the features are disabled. They may
have been enabled during the lifetime of the device.
This bug leads to leaking netdev references and
use-after-frees if there are active connections while
device features are cleared.
Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
[ Upstream commit 3686637e507b48525fcea6fb91e1988bdbc14530 ]
TLS offload drivers shouldn't (and currently don't) block
the TLS offload feature changes based on whether there are
active offloaded connections or not.
This seems to be a good idea, because we want the admin to
be able to disable the TLS offload at any time, and there
is no clean way of disabling it for active connections
(TX side is quite problematic). So if features are cleared
existing connections will stay offloaded until they close,
and new connections will not attempt offload to a given
device.
However, the offload state removal handling is currently
broken if feature flags get cleared while there are
active TLS offloads.
RX side will completely bail from cleanup, even on normal
remove path, leaving device state dangling, potentially
causing issues when the 5-tuple is reused. It will also
fail to release the netdev reference.
Remove the RX-side warning message, in next release cycle
it should be printed when features are disabled, rather
than when connection dies, but for that we need a more
efficient method of finding connection of a given netdev
(a'la BPF offload code).
Fixes: 4799ac81e52a ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
[ Upstream commit 4097e9d250fb17958c1d9b94538386edd3f20144 ]
Function tcf_action_dump() relies on tc_action->order field when starting
nested nla to send action data to userspace. This approach breaks in
several cases:
- When multiple filters point to same shared action, tc_action->order field
is overwritten each time it is attached to filter. This causes filter
dump to output action with incorrect attribute for all filters that have
the action in different position (different order) from the last set
tc_action->order value.
- When action data is displayed using tc action API (RTM_GETACTION), action
order is overwritten by tca_action_gd() according to its position in
resulting array of nl attributes, which will break filter dump for all
filters attached to that shared action that expect it to have different
order value.
Don't rely on tc_action->order when dumping actions. Set nla according to
action position in resulting array of actions instead.
Signed-off-by: Vlad Buslov <vladbu@mellanox.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
[ Upstream commit a4270d6795b0580287453ea55974d948393e66ef ]
If a network driver provides to napi_gro_frags() an
skb with a page fragment of exactly 14 bytes, the call
to gro_pull_from_frag0() will 'consume' the fragment
by calling skb_frag_unref(skb, 0), and the page might
be freed and reused.
Reading eth->h_proto at the end of napi_frags_skb() might
read mangled data, or crash under specific debugging features.
BUG: KASAN: use-after-free in napi_frags_skb net/core/dev.c:5833 [inline]
BUG: KASAN: use-after-free in napi_gro_frags+0xc6f/0xd10 net/core/dev.c:5841
Read of size 2 at addr ffff88809366840c by task syz-executor599/8957
CPU: 1 PID: 8957 Comm: syz-executor599 Not tainted 5.2.0-rc1+ #32
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
print_address_description.cold+0x7c/0x20d mm/kasan/report.c:188
__kasan_report.cold+0x1b/0x40 mm/kasan/report.c:317
kasan_report+0x12/0x20 mm/kasan/common.c:614
__asan_report_load_n_noabort+0xf/0x20 mm/kasan/generic_report.c:142
napi_frags_skb net/core/dev.c:5833 [inline]
napi_gro_frags+0xc6f/0xd10 net/core/dev.c:5841
tun_get_user+0x2f3c/0x3ff0 drivers/net/tun.c:1991
tun_chr_write_iter+0xbd/0x156 drivers/net/tun.c:2037
call_write_iter include/linux/fs.h:1872 [inline]
do_iter_readv_writev+0x5f8/0x8f0 fs/read_write.c:693
do_iter_write fs/read_write.c:970 [inline]
do_iter_write+0x184/0x610 fs/read_write.c:951
vfs_writev+0x1b3/0x2f0 fs/read_write.c:1015
do_writev+0x15b/0x330 fs/read_write.c:1058
Fixes: a50e233c50db ("net-gro: restore frag0 optimization")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
[ Upstream commit 8fb44d60d4142cd2a440620cd291d346e23c131e ]
If llc_mac_hdr_init() returns an error, we must drop the skb
since no llc_build_and_send_ui_pkt() caller will take care of this.
BUG: memory leak
unreferenced object 0xffff8881202b6800 (size 2048):
comm "syz-executor907", pid 7074, jiffies 4294943781 (age 8.590s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............
backtrace:
[<00000000e25b5abe>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
[<00000000e25b5abe>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e25b5abe>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e25b5abe>] __do_kmalloc mm/slab.c:3658 [inline]
[<00000000e25b5abe>] __kmalloc+0x161/0x2c0 mm/slab.c:3669
[<00000000a1ae188a>] kmalloc include/linux/slab.h:552 [inline]
[<00000000a1ae188a>] sk_prot_alloc+0xd6/0x170 net/core/sock.c:1608
[<00000000ded25bbe>] sk_alloc+0x35/0x2f0 net/core/sock.c:1662
[<000000002ecae075>] llc_sk_alloc+0x35/0x170 net/llc/llc_conn.c:950
[<00000000551f7c47>] llc_ui_create+0x7b/0x140 net/llc/af_llc.c:173
[<0000000029027f0e>] __sock_create+0x164/0x250 net/socket.c:1430
[<000000008bdec225>] sock_create net/socket.c:1481 [inline]
[<000000008bdec225>] __sys_socket+0x69/0x110 net/socket.c:1523
[<00000000b6439228>] __do_sys_socket net/socket.c:1532 [inline]
[<00000000b6439228>] __se_sys_socket net/socket.c:1530 [inline]
[<00000000b6439228>] __x64_sys_socket+0x1e/0x30 net/socket.c:1530
[<00000000cec820c1>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
[<000000000c32554f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811d750d00 (size 224):
comm "syz-executor907", pid 7074, jiffies 4294943781 (age 8.600s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 f0 0c 24 81 88 ff ff 00 68 2b 20 81 88 ff ff ...$.....h+ ....
backtrace:
[<0000000053026172>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
[<0000000053026172>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<0000000053026172>] slab_alloc_node mm/slab.c:3269 [inline]
[<0000000053026172>] kmem_cache_alloc_node+0x153/0x2a0 mm/slab.c:3579
[<00000000fa8f3c30>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:198
[<00000000d96fdafb>] alloc_skb include/linux/skbuff.h:1058 [inline]
[<00000000d96fdafb>] alloc_skb_with_frags+0x5f/0x250 net/core/skbuff.c:5327
[<000000000a34a2e7>] sock_alloc_send_pskb+0x269/0x2a0 net/core/sock.c:2225
[<00000000ee39999b>] sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2242
[<00000000e034d810>] llc_ui_sendmsg+0x10a/0x540 net/llc/af_llc.c:933
[<00000000c0bc8445>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<00000000c0bc8445>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<000000003b687167>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<00000000922d78d9>] __do_sys_sendto net/socket.c:1976 [inline]
[<00000000922d78d9>] __se_sys_sendto net/socket.c:1972 [inline]
[<00000000922d78d9>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000cec820c1>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
[<000000000c32554f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
