Assign a default net namespace to netdevs created by init_dummy_netdev().
Fixes a NULL pointer dereference caused by busy-polling a socket bound to
an iwlwifi wireless device, which bumps the per-net BUSYPOLLRXPACKETS stat
if napi_poll() received packets:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000190
IP: napi_busy_loop+0xd6/0x200
Call Trace:
sock_poll+0x5e/0x80
do_sys_poll+0x324/0x5a0
SyS_poll+0x6c/0xf0
do_syscall_64+0x6b/0x1f0
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Fixes: 7db6b048da3b ("net: Commonize busy polling code to focus on napi_id instead of socket")
Signed-off-by: Josh Elsasser <[email protected]>
---
net/core/dev.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/core/dev.c b/net/core/dev.c
index 82f20022259d..d1043d49979c 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -8712,7 +8712,9 @@ int init_dummy_netdev(struct net_device *dev)
set_bit(__LINK_STATE_PRESENT, &dev->state);
set_bit(__LINK_STATE_START, &dev->state);
+ /* napi_busy_loop stats accounting wants this */
+ dev_net_set(dev, &init_net);
+
/* Note : We dont allocate pcpu_refcnt for dummy devices,
* because users of this 'device' dont need to change
* its refcount.
--
2.19.1
From: Josh Elsasser <[email protected]>
Date: Sat, 26 Jan 2019 14:38:33 -0800
> Assign a default net namespace to netdevs created by init_dummy_netdev().
> Fixes a NULL pointer dereference caused by busy-polling a socket bound to
> an iwlwifi wireless device, which bumps the per-net BUSYPOLLRXPACKETS stat
> if napi_poll() received packets:
>
> BUG: unable to handle kernel NULL pointer dereference at 0000000000000190
> IP: napi_busy_loop+0xd6/0x200
> Call Trace:
> sock_poll+0x5e/0x80
> do_sys_poll+0x324/0x5a0
> SyS_poll+0x6c/0xf0
> do_syscall_64+0x6b/0x1f0
> entry_SYSCALL_64_after_hwframe+0x3d/0xa2
>
> Fixes: 7db6b048da3b ("net: Commonize busy polling code to focus on napi_id instead of socket")
> Signed-off-by: Josh Elsasser <[email protected]>
Applied and queued up for -stable.