diff mbox series

[net-next] macsec: don't free NULL metadata_dst

Message ID 60f2a1965fe553e2cade9472407d0fafff8de8ce.1663923580.git.sd@queasysnail.net (mailing list archive)
State Accepted
Commit c52add61c27ea23501be82a34854edd98e10e061
Delegated to: Netdev Maintainers
Headers show
Series [net-next] macsec: don't free NULL metadata_dst | expand

Checks

Context Check Description
netdev/tree_selection success Clearly marked for net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/subject_prefix success Link
netdev/cover_letter success Single patches do not need cover letters
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 4 this patch: 4
netdev/cc_maintainers fail 1 blamed authors not CCed: davem@davemloft.net; 4 maintainers not CCed: kuba@kernel.org pabeni@redhat.com edumazet@google.com davem@davemloft.net
netdev/build_clang success Errors and warnings before: 0 this patch: 0
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 4 this patch: 4
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 9 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Sabrina Dubroca Sept. 23, 2022, 9:07 a.m. UTC 
Commit 0a28bfd4971f added a metadata_dst to each tx_sc, but that's
only allocated when macsec_add_dev has run, which happens after device
registration. If the requested or computed SCI already exists, or if
linking to the lower device fails, we will panic because
metadata_dst_free can't handle NULL.

Reproducer:
    ip link add link $lower type macsec
    ip link add link $lower type macsec

Fixes: 0a28bfd4971f ("net/macsec: Add MACsec skb_metadata_dst Tx Data path support")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
 drivers/net/macsec.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Raed Salem Sept. 25, 2022, 7:29 a.m. UTC | #1 
>From: Sabrina Dubroca <sd@queasysnail.net>
>Sent: Friday, 23 September 2022 12:07
>To: netdev@vger.kernel.org
>Cc: Lior Nahmanson <liorna@nvidia.com>; Raed Salem <raeds@nvidia.com>;
>Saeed Mahameed <saeedm@nvidia.com>; Sabrina Dubroca
><sd@queasysnail.net>
>Subject: [PATCH net-next] macsec: don't free NULL metadata_dst
>
>External email: Use caution opening links or attachments
>
>
>Commit 0a28bfd4971f added a metadata_dst to each tx_sc, but that's only
>allocated when macsec_add_dev has run, which happens after device
>registration. If the requested or computed SCI already exists, or if linking to
>the lower device fails, we will panic because metadata_dst_free can't handle
>NULL.
>
>Reproducer:
>    ip link add link $lower type macsec
>    ip link add link $lower type macsec
>
>Fixes: 0a28bfd4971f ("net/macsec: Add MACsec skb_metadata_dst Tx Data
>path support")
>Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
>---
> drivers/net/macsec.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
>diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index
>617f850bdb3a..ebcfe87bed23 100644
>--- a/drivers/net/macsec.c
>+++ b/drivers/net/macsec.c
>@@ -3734,7 +3734,8 @@ static void macsec_free_netdev(struct net_device
>*dev)  {
>        struct macsec_dev *macsec = macsec_priv(dev);
>
>-       metadata_dst_free(macsec->secy.tx_sc.md_dst);
>+       if (macsec->secy.tx_sc.md_dst)
>+               metadata_dst_free(macsec->secy.tx_sc.md_dst);
>        free_percpu(macsec->stats);
>        free_percpu(macsec->secy.tx_sc.stats);
>
>--
>2.37.3
Acked by me
Jakub Kicinski Sept. 26, 2022, 4:40 p.m. UTC | #2 
On Sun, 25 Sep 2022 07:29:36 +0000 Raed Salem wrote:
> >Commit 0a28bfd4971f added a metadata_dst to each tx_sc, but that's only
> >allocated when macsec_add_dev has run, which happens after device
> >registration. If the requested or computed SCI already exists, or if linking to
> >the lower device fails, we will panic because metadata_dst_free can't handle
> >NULL.
> >
> >Reproducer:
> >    ip link add link $lower type macsec
> >    ip link add link $lower type macsec
> >
> >Fixes: 0a28bfd4971f ("net/macsec: Add MACsec skb_metadata_dst Tx Data
> >path support")
> >Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
> 
> Acked by me

Thanks a lot for the review! Please prefer the full:

Acked-by: Raed Salem <raeds@nvidia.com>

format in the future, this way it will be picked up by the automation.
patchwork-bot+netdevbpf@kernel.org Sept. 26, 2022, 6:20 p.m. UTC | #3 
Hello:

This patch was applied to netdev/net-next.git (master)
by Jakub Kicinski <kuba@kernel.org>:

On Fri, 23 Sep 2022 11:07:09 +0200 you wrote:
> Commit 0a28bfd4971f added a metadata_dst to each tx_sc, but that's
> only allocated when macsec_add_dev has run, which happens after device
> registration. If the requested or computed SCI already exists, or if
> linking to the lower device fails, we will panic because
> metadata_dst_free can't handle NULL.
> 
> Reproducer:
>     ip link add link $lower type macsec
>     ip link add link $lower type macsec
> 
> [...]

Here is the summary with links:
  - [net-next] macsec: don't free NULL metadata_dst
    https://git.kernel.org/netdev/net-next/c/c52add61c27e

You are awesome, thank you!
diff mbox series

Patch

diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 617f850bdb3a..ebcfe87bed23 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -3734,7 +3734,8 @@  static void macsec_free_netdev(struct net_device *dev)
 {
 	struct macsec_dev *macsec = macsec_priv(dev);
 
-	metadata_dst_free(macsec->secy.tx_sc.md_dst);
+	if (macsec->secy.tx_sc.md_dst)
+		metadata_dst_free(macsec->secy.tx_sc.md_dst);
 	free_percpu(macsec->stats);
 	free_percpu(macsec->secy.tx_sc.stats);