mbox series

[net-next,0/2] net: macvlan: fix potential UAF problem for lowerdev

Message ID cover.1646989143.git.william.xuanziyang@huawei.com (mailing list archive)
Headers show
Series net: macvlan: fix potential UAF problem for lowerdev | expand

Message

Ziyang Xuan (William) March 11, 2022, 9:02 a.m. UTC 
Add the reference operation to lowerdev of macvlan to avoid
the potential UAF problem under the following known scenario:

Someone module puts the NETDEV_UNREGISTER event handler to a
work, and lowerdev is accessed in the work handler. But when
the work is excuted, lowerdev has been destroyed because upper
macvlan did not get reference to lowerdev correctly.

In addition, add net device refcount tracker to macvlan.

Ziyang Xuan (2):
  net: macvlan: fix potential UAF problem for lowerdev
  net: macvlan: add net device refcount tracker

 drivers/net/macvlan.c      | 14 +++++++++++++-
 include/linux/if_macvlan.h |  1 +
 2 files changed, 14 insertions(+), 1 deletion(-)

Comments

patchwork-bot+netdevbpf@kernel.org March 14, 2022, 10:10 a.m. UTC | #1 
Hello:

This series was applied to netdev/net-next.git (master)
by David S. Miller <davem@davemloft.net>:

On Fri, 11 Mar 2022 17:02:41 +0800 you wrote:
> Add the reference operation to lowerdev of macvlan to avoid
> the potential UAF problem under the following known scenario:
> 
> Someone module puts the NETDEV_UNREGISTER event handler to a
> work, and lowerdev is accessed in the work handler. But when
> the work is excuted, lowerdev has been destroyed because upper
> macvlan did not get reference to lowerdev correctly.
> 
> [...]

Here is the summary with links:
  - [net-next,1/2] net: macvlan: fix potential UAF problem for lowerdev
    https://git.kernel.org/netdev/net-next/c/291ac68478d9
  - [net-next,2/2] net: macvlan: add net device refcount tracker
    https://git.kernel.org/netdev/net-next/c/1f4a5983d623

You are awesome, thank you!