Received: by 2002:a25:ef43:0:0:0:0:0 with SMTP id w3csp1789334ybm; Sat, 30 May 2020 21:46:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwqb9nPw+PT0NQGdYBZzNoOWm3xVSNBUkfCG2G0QrDFVyupGWvf/joUf0AP12RKrZQ5RsUm X-Received: by 2002:aa7:d042:: with SMTP id n2mr15960089edo.226.1590900367666; Sat, 30 May 2020 21:46:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590900367; cv=none; d=google.com; s=arc-20160816; b=llTFkFH3DeLjO7XKf2alP3IedgSxJU0M18iJyLfh5CJ5ikuPHbzPXuVK36nnBv8DWU OJXpgl3DEUp7iEry3cRAaLOBjHQD7qO6Z8phBrVnQQZWh+c/G51tOUIJgVwGwuUjJBSm FHkmCRXBn4yWCbRj84U/svW18xn9krDLZciYq/TrXzKT4vOehRmjyvJU7TPeFRroiZWS 1qySeeh7/CG53ZeGVUhq8H2ogh4wJlCNppy8dcKvK2cV99FEclk0VEv2EaDVQQ3ZxQsH Df8soXlOimNdlna3zj9gIDk4zpwogWpwo1barrk1nmJSxNEfjcDg7AIGgMu5+3mplvN+ O0DQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:from:subject:cc:to:message-id:date; bh=y5Mt4AhrqAQkb9BEZIOS/A8DkE1Pddku+bYH0STMpZk=; b=kmvl8niwmTnDoNrcNbIZFZ9S78AgG19+DVQ6pHmx2QKzzgmB/BopjyHsrU4w63xsfs qfn+TaPHeU8zrwkuzGeIaUPLUvW95GoqQkYELPSFiZKHGsB/wX6wBYqqmBDCHpw84R+A k+Qcc5EChPlQZz+icGvTQseXPiHKOaL1SyiLYmLr6sA5PCw/4m3F3w+GKKeFPwestyIS mqc4hUM4c0pV+llNZcY2Yzm41zPKEBUrKOaaso0m+856BQGd4QGIu9StARc9ou9/TFke RHfvuUCILscIob3nM3jabCdJNomOmStpRwYvgtQx5FohsCaeYlvit3ixCPNA+VwbP1Hh e/jw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n12si1873045edv.240.2020.05.30.21.45.43; Sat, 30 May 2020 21:46:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729356AbgEaEnl (ORCPT + 99 others); Sun, 31 May 2020 00:43:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58126 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726020AbgEaEnk (ORCPT ); Sun, 31 May 2020 00:43:40 -0400 Received: from shards.monkeyblade.net (shards.monkeyblade.net [IPv6:2620:137:e000::1:9]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF3BDC05BD43; Sat, 30 May 2020 21:43:40 -0700 (PDT) Received: from localhost (unknown [IPv6:2601:601:9f00:477::3d5]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: davem-davemloft) by shards.monkeyblade.net (Postfix) with ESMTPSA id 5A1A9128FCC74; Sat, 30 May 2020 21:43:39 -0700 (PDT) Date: Sat, 30 May 2020 21:43:37 -0700 (PDT) Message-Id: <20200530.214337.1492575923118562439.davem@davemloft.net> To: clew@codeaurora.org Cc: bjorn.andersson@linaro.org, manivannan.sadhasivam@linaro.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org Subject: Re: [PATCH] net: qrtr: Allocate workqueue before kernel_bind From: David Miller In-Reply-To: <1590707126-16957-1-git-send-email-clew@codeaurora.org> References: <1590707126-16957-1-git-send-email-clew@codeaurora.org> X-Mailer: Mew version 6.8 on Emacs 26.3 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Sat, 30 May 2020 21:43:40 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Chris Lew Date: Thu, 28 May 2020 16:05:26 -0700 > A null pointer dereference in qrtr_ns_data_ready() is seen if a client > opens a qrtr socket before qrtr_ns_init() can bind to the control port. > When the control port is bound, the ENETRESET error will be broadcasted > and clients will close their sockets. This results in DEL_CLIENT > packets being sent to the ns and qrtr_ns_data_ready() being called > without the workqueue being allocated. > > Allocate the workqueue before setting sk_data_ready and binding to the > control port. This ensures that the work and workqueue structs are > allocated and initialized before qrtr_ns_data_ready can be called. > > Fixes: 0c2204a4ad71 ("net: qrtr: Migrate nameservice to kernel from userspace") > Signed-off-by: Chris Lew Applied, thank you.