If the wdev object has been created (via NEW_INTERFACE) with
SOCKET_OWNER attribute set, then limit certain commands only to the
process that created that wdev.
This can be used to make sure no other process on the system interferes
by sending unwanted scans, action frames or any other funny business.
This patch introduces a new internal flag, and checks that flag in the
pre_doit hook.
Signed-off-by: Denis Kenzior <[email protected]>
---
net/wireless/nl80211.c | 80 ++++++++++++++++++++++++++++++++----------
1 file changed, 61 insertions(+), 19 deletions(-)
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index ff760ba83449..26bab9560c0f 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -13587,6 +13587,7 @@ static int nl80211_probe_mesh_link(struct sk_buff *skb, struct genl_info *info)
#define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\
NL80211_FLAG_CHECK_NETDEV_UP)
#define NL80211_FLAG_CLEAR_SKB 0x20
+#define NL80211_FLAG_OWNER_ONLY 0x40
static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
struct genl_info *info)
@@ -13595,6 +13596,7 @@ static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
struct wireless_dev *wdev;
struct net_device *dev;
bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL;
+ int ret;
if (rtnl)
rtnl_lock();
@@ -13602,10 +13604,10 @@ static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) {
rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
if (IS_ERR(rdev)) {
- if (rtnl)
- rtnl_unlock();
- return PTR_ERR(rdev);
+ ret = PTR_ERR(rdev);
+ goto done;
}
+
info->user_ptr[0] = rdev;
} else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV ||
ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
@@ -13614,32 +13616,33 @@ static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
wdev = __cfg80211_wdev_from_attrs(genl_info_net(info),
info->attrs);
if (IS_ERR(wdev)) {
- if (rtnl)
- rtnl_unlock();
- return PTR_ERR(wdev);
+ ret = PTR_ERR(wdev);
+ goto done;
}
dev = wdev->netdev;
rdev = wiphy_to_rdev(wdev->wiphy);
+ ret = -EINVAL;
if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) {
- if (!dev) {
- if (rtnl)
- rtnl_unlock();
- return -EINVAL;
- }
+ if (!dev)
+ goto done;
info->user_ptr[1] = dev;
} else {
info->user_ptr[1] = wdev;
}
+ ret = -ENETDOWN;
if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
- !wdev_running(wdev)) {
- if (rtnl)
- rtnl_unlock();
- return -ENETDOWN;
- }
+ !wdev_running(wdev))
+ goto done;
+
+ ret = -EPERM;
+ if (ops->internal_flags & NL80211_FLAG_OWNER_ONLY &&
+ wdev->owner_nlportid &&
+ wdev->owner_nlportid != info->snd_portid)
+ goto done;
if (dev)
dev_hold(dev);
@@ -13647,7 +13650,13 @@ static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
info->user_ptr[0] = rdev;
}
- return 0;
+ ret = 0;
+
+done:
+ if (rtnl && !ret)
+ rtnl_unlock();
+
+ return ret;
}
static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
@@ -13712,7 +13721,8 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_set_interface,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV |
- NL80211_FLAG_NEED_RTNL,
+ NL80211_FLAG_NEED_RTNL |
+ NL80211_FLAG_OWNER_ONLY,
},
{
.cmd = NL80211_CMD_NEW_INTERFACE,
@@ -13728,7 +13738,8 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_del_interface,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV |
- NL80211_FLAG_NEED_RTNL,
+ NL80211_FLAG_NEED_RTNL |
+ NL80211_FLAG_OWNER_ONLY,
},
{
.cmd = NL80211_CMD_GET_KEY,
@@ -13745,6 +13756,7 @@ static const struct genl_ops nl80211_ops[] = {
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
NL80211_FLAG_NEED_RTNL |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_CLEAR_SKB,
},
{
@@ -13754,6 +13766,7 @@ static const struct genl_ops nl80211_ops[] = {
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
NL80211_FLAG_NEED_RTNL |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_CLEAR_SKB,
},
{
@@ -13762,6 +13775,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_del_key,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13778,6 +13792,7 @@ static const struct genl_ops nl80211_ops[] = {
.flags = GENL_UNS_ADMIN_PERM,
.doit = nl80211_start_ap,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13786,6 +13801,7 @@ static const struct genl_ops nl80211_ops[] = {
.flags = GENL_UNS_ADMIN_PERM,
.doit = nl80211_stop_ap,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13802,6 +13818,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_set_station,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13810,6 +13827,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_new_station,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13818,6 +13836,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_del_station,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13921,6 +13940,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_trigger_scan,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13929,6 +13949,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_abort_scan,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13942,6 +13963,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_start_sched_scan,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13950,6 +13972,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_stop_sched_scan,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13958,6 +13981,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_authenticate,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL |
NL80211_FLAG_CLEAR_SKB,
},
@@ -13967,6 +13991,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_associate,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL |
NL80211_FLAG_CLEAR_SKB,
},
@@ -13976,6 +14001,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_deauthenticate,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13984,6 +14010,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_disassociate,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -13992,6 +14019,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_join_ibss,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14000,6 +14028,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_leave_ibss,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
#ifdef CONFIG_NL80211_TESTMODE
@@ -14019,6 +14048,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_connect,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL |
NL80211_FLAG_CLEAR_SKB,
},
@@ -14028,6 +14058,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_update_connect_params,
.flags = GENL_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL |
NL80211_FLAG_CLEAR_SKB,
},
@@ -14037,6 +14068,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_disconnect,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14083,6 +14115,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_remain_on_channel,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14091,6 +14124,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_cancel_remain_on_channel,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14115,6 +14149,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_tx_mgmt,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14123,6 +14158,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_tx_mgmt_cancel_wait,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14147,6 +14183,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_set_cqm,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14221,6 +14258,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_set_rekey_data,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL |
NL80211_FLAG_CLEAR_SKB,
},
@@ -14278,6 +14316,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_start_p2p_device,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14286,6 +14325,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_stop_p2p_device,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14371,6 +14411,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_crit_protocol_start,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
@@ -14379,6 +14420,7 @@ static const struct genl_ops nl80211_ops[] = {
.doit = nl80211_crit_protocol_stop,
.flags = GENL_UNS_ADMIN_PERM,
.internal_flags = NL80211_FLAG_NEED_WDEV_UP |
+ NL80211_FLAG_OWNER_ONLY |
NL80211_FLAG_NEED_RTNL,
},
{
--
2.21.0
FYI, we noticed the following commit (built with gcc-7):
commit: d8572a564d8aa17cb726a2aed04d0bbe52403249 ("[PATCH 2/3] nl80211: Limit certain commands to interface owner")
url: https://github.com/0day-ci/linux/commits/Denis-Kenzior/nl80211-Update-uapi-for-CMD_FRAME_WAIT_CANCEL/20190622-213015
base: https://git.kernel.org/cgit/linux/kernel/git/jberg/mac80211-next.git master
in testcase: hwsim
with following parameters:
group: hwsim-13
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 4G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+---------------------------------------------------------------------------------+------------+------------+
| | 97b91db67a | d8572a564d |
+---------------------------------------------------------------------------------+------------+------------+
| boot_successes | 2 | 0 |
| boot_failures | 18 | 20 |
| BUG:kernel_reboot-without-warning_in_test_stage | 18 | 4 |
| assertion_failed | 0 | 16 |
| WARNING:at_net/wireless/reg.c:#reset_regdomains[cfg80211] | 0 | 16 |
| RIP:reset_regdomains[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/reg.c:#update_all_wiphy_regulatory[cfg80211] | 0 | 16 |
| RIP:update_all_wiphy_regulatory[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/mlme.c:#cfg80211_process_mlme_unregistrations[cfg80211] | 0 | 16 |
| RIP:cfg80211_process_mlme_unregistrations[cfg80211] | 0 | 16 |
| WARNING:at_net/core/dev.c:#call_netdevice_notifiers_info | 0 | 11 |
| RIP:call_netdevice_notifiers_info | 0 | 11 |
| WARNING:at_net/wireless/nl80211.c:#__cfg80211_wdev_from_attrs[cfg80211] | 0 | 16 |
| RIP:__cfg80211_wdev_from_attrs[cfg80211] | 0 | 16 |
| WARNING:at_net/sched/sch_api.c:#qdisc_hash_add | 0 | 10 |
| RIP:qdisc_hash_add | 0 | 10 |
| WARNING:at_net/core/rtnetlink.c:#rtnl_fill_ifinfo | 0 | 12 |
| RIP:rtnl_fill_ifinfo | 0 | 12 |
| WARNING:at_net/core/devlink.c:#devlink_compat_phys_port_name_get | 0 | 12 |
| RIP:devlink_compat_phys_port_name_get | 0 | 12 |
| WARNING:at_net/core/devlink.c:#devlink_compat_switch_id_get | 0 | 12 |
| RIP:devlink_compat_switch_id_get | 0 | 12 |
| WARNING:at_net/core/rtnetlink.c:#rtnl_xdp_prog_skb | 0 | 12 |
| RIP:rtnl_xdp_prog_skb | 0 | 12 |
| WARNING:at_net/core/fib_rules.c:#fib_rules_event | 0 | 11 |
| RIP:fib_rules_event | 0 | 11 |
| WARNING:at_net/ipv4/devinet.c:#inetdev_event | 0 | 11 |
| RIP:inetdev_event | 0 | 11 |
| WARNING:at_net/wireless/nl80211.c:#__cfg80211_rdev_from_attrs[cfg80211] | 0 | 16 |
| RIP:__cfg80211_rdev_from_attrs[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/core.c:#cfg80211_rdev_by_wiphy_idx[cfg80211] | 0 | 16 |
| RIP:cfg80211_rdev_by_wiphy_idx[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/util.c:#cfg80211_change_iface[cfg80211] | 0 | 16 |
| RIP:cfg80211_change_iface[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/util.c:#cfg80211_process_rdev_events[cfg80211] | 0 | 16 |
| RIP:cfg80211_process_rdev_events[cfg80211] | 0 | 16 |
| WARNING:at_net/mac80211/iface.c:#ieee80211_if_change_type[mac80211] | 0 | 16 |
| RIP:ieee80211_if_change_type[mac80211] | 0 | 16 |
| WARNING:at_net/wireless/nl80211.c:#nl80211_set_wiphy[cfg80211] | 0 | 16 |
| RIP:nl80211_set_wiphy[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/chan.c:#cfg80211_reg_can_beacon_relax[cfg80211] | 0 | 16 |
| RIP:cfg80211_reg_can_beacon_relax[cfg80211] | 0 | 16 |
| WARNING:at_net/wireless/reg.c:#restore_regulatory_settings[cfg80211] | 0 | 2 |
| RIP:restore_regulatory_settings[cfg80211] | 0 | 2 |
| WARNING:at_net/wireless/core.c:#wiphy_idx_to_wiphy[cfg80211] | 0 | 8 |
| RIP:wiphy_idx_to_wiphy[cfg80211] | 0 | 8 |
| WARNING:at_net/wireless/core.c:#__cfg80211_leave[cfg80211] | 0 | 3 |
| RIP:__cfg80211_leave[cfg80211] | 0 | 3 |
| BUG:unable_to_handle_page_fault_for_address | 0 | 1 |
| Oops:#[##] | 0 | 1 |
| RIP:netpoll_poll_disable | 0 | 1 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 2 |
| WARNING:at_net/ipv4/igmp.c:#ip_mc_up | 0 | 6 |
| RIP:ip_mc_up | 0 | 6 |
| WARNING:at_net/ipv4/igmp.c:#____ip_mc_inc_group | 0 | 6 |
| RIP:____ip_mc_inc_group | 0 | 6 |
| WARNING:at_net/wireless/core.c:#cfg80211_update_iface_num[cfg80211] | 0 | 7 |
| RIP:cfg80211_update_iface_num[cfg80211] | 0 | 7 |
| WARNING:at_net/wireless/wext-sme.c:#cfg80211_mgd_wext_connect[cfg80211] | 0 | 6 |
| RIP:cfg80211_mgd_wext_connect[cfg80211] | 0 | 6 |
| WARNING:at_net/ipv6/addrconf.c:#addrconf_dev_config | 0 | 4 |
| RIP:addrconf_dev_config | 0 | 4 |
| WARNING:at_net/ipv6/addrconf.c:#addrconf_add_dev | 0 | 4 |
| RIP:addrconf_add_dev | 0 | 4 |
| WARNING:at_net/ipv6/addrconf.c:#ipv6_find_idev | 0 | 4 |
| RIP:ipv6_find_idev | 0 | 4 |
| WARNING:at_net/mac80211/iface.c:#ieee80211_check_concurrent_iface[mac80211] | 0 | 4 |
| RIP:ieee80211_check_concurrent_iface[mac80211] | 0 | 4 |
| WARNING:at_net/wireless/reg.c:#set_regdom[cfg80211] | 0 | 7 |
| RIP:set_regdom[cfg80211] | 0 | 7 |
| general_protection_fault:#[##] | 0 | 1 |
| RIP:dev_deactivate_many | 0 | 1 |
| WARNING:at_net/wireless/chan.c:#cfg80211_any_wiphy_oper_chan[cfg80211] | 0 | 1 |
| RIP:cfg80211_any_wiphy_oper_chan[cfg80211] | 0 | 1 |
| WARNING:at_net/wireless/core.c:#cfg80211_destroy_ifaces[cfg80211] | 0 | 2 |
| RIP:cfg80211_destroy_ifaces[cfg80211] | 0 | 2 |
| WARNING:at_net/mac80211/iface.c:#ieee80211_if_add[mac80211] | 0 | 2 |
| RIP:ieee80211_if_add[mac80211] | 0 | 2 |
| WARNING:at_net/core/dev.c:#register_netdevice | 0 | 2 |
| RIP:register_netdevice | 0 | 2 |
| WARNING:at_net/core/dev.c:#__netdev_update_features | 0 | 2 |
| RIP:__netdev_update_features | 0 | 2 |
| WARNING:at_net/core/dev.c:#list_netdevice | 0 | 2 |
| RIP:list_netdevice | 0 | 2 |
| WARNING:at_net/ipv4/devinet.c:#inetdev_init | 0 | 2 |
| RIP:inetdev_init | 0 | 2 |
| WARNING:at_net/ipv4/igmp.c:#ip_mc_init_dev | 0 | 2 |
| RIP:ip_mc_init_dev | 0 | 2 |
| WARNING:at_net/ipv6/addrconf.c:#ipv6_add_dev | 0 | 2 |
| RIP:ipv6_add_dev | 0 | 2 |
| WARNING:at_net/ipv6/mcast.c:#__ipv6_dev_mc_inc | 0 | 2 |
| RIP:__ipv6_dev_mc_inc | 0 | 2 |
| WARNING:at_net/mac80211/iface.c:#ieee80211_if_remove[mac80211] | 0 | 2 |
| RIP:ieee80211_if_remove[mac80211] | 0 | 2 |
| WARNING:at_net/core/dev.c:#unregister_netdevice_queue | 0 | 2 |
| RIP:unregister_netdevice_queue | 0 | 2 |
| WARNING:at_net/ipv4/igmp.c:#ip_mc_down | 0 | 2 |
| RIP:ip_mc_down | 0 | 2 |
| WARNING:at_net/ipv4/igmp.c:#__ip_mc_dec_group | 0 | 2 |
| RIP:__ip_mc_dec_group | 0 | 2 |
| WARNING:at_net/ipv6/addrconf.c:#addrconf_ifdown | 0 | 2 |
| RIP:addrconf_ifdown | 0 | 2 |
| WARNING:at_net/ipv6/addrconf.c:#__ipv6_ifa_notify | 0 | 3 |
| RIP:__ipv6_ifa_notify | 0 | 3 |
| WARNING:at_net/ipv6/mcast.c:#__ipv6_dev_mc_dec | 0 | 2 |
| RIP:__ipv6_dev_mc_dec | 0 | 2 |
| WARNING:at_net/core/dev.c:#unlist_netdevice | 0 | 1 |
| RIP:unlist_netdevice | 0 | 1 |
| WARNING:at_net/sched/sch_api.c:#qdisc_hash_del | 0 | 1 |
| RIP:qdisc_hash_del | 0 | 1 |
| WARNING:at_net/ipv4/igmp.c:#ip_mc_destroy_dev | 0 | 1 |
| RIP:ip_mc_destroy_dev | 0 | 1 |
| WARNING:at_net/wireless/core.c:#__cfg80211_unregister_wdev[cfg80211] | 0 | 1 |
| RIP:__cfg80211_unregister_wdev[cfg80211] | 0 | 1 |
| WARNING:at_net/core/dev.c:#netdev_has_any_upper_dev | 0 | 1 |
| RIP:netdev_has_any_upper_dev | 0 | 1 |
| WARNING:at_net/core/dev.c:#rollback_registered_many | 0 | 2 |
| RIP:rollback_registered_many | 0 | 2 |
| WARNING:at_net/core/dev.c:#__dev_close_many | 0 | 2 |
| RIP:__dev_close_many | 0 | 2 |
| BUG:soft_lockup-CPU##stuck_for#s | 0 | 1 |
| RIP:find_next_bit | 0 | 1 |
| Kernel_panic-not_syncing:softlockup:hung_tasks | 0 | 1 |
+---------------------------------------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <[email protected]>
[ 186.333346] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[ 186.336318] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[ 186.339612] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 186.343633] cfg80211: failed to load regulatory.db
[ 186.359277] ------------[ cut here ]------------
[ 186.361527] RTNL: assertion failed at net/wireless/reg.c (306)
[ 186.364166] WARNING: CPU: 0 PID: 4804 at net/wireless/reg.c:306 reset_regdomains+0xd5/0xe0 [cfg80211]
[ 186.367388] Modules linked in: cfg80211 rfkill bochs_drm ttm sr_mod cdrom crct10dif_pclmul drm_kms_helper crc32_pclmul sg crc32c_intel ata_generic pata_acpi ghash_clmulni_intel ppdev syscopyarea sysfillrect sysimgblt fb_sys_fops snd_pcm drm ata_piix aesni_intel snd_timer snd crypto_simd libata cryptd glue_helper soundcore joydev pcspkr serio_raw parport_pc i2c_piix4 floppy parport ip_tables
[ 186.378827] CPU: 0 PID: 4804 Comm: crda Not tainted 5.2.0-rc3-01111-gd8572a5 #1
[ 186.381529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 186.384383] RIP: 0010:reset_regdomains+0xd5/0xe0 [cfg80211]
[ 186.386829] Code: 33 07 09 00 00 0f 85 63 ff ff ff ba 32 01 00 00 48 c7 c6 40 9d 55 c0 48 c7 c7 68 9d 55 c0 c6 05 13 07 09 00 01 e8 eb fa 79 ea <0f> 0b e9 3d ff ff ff 0f 1f 40 00 66 66 66 66 90 48 8b 05 d4 26 08
[ 186.392729] RSP: 0018:ffffb103c09bba38 EFLAGS: 00010282
[ 186.395104] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 186.397792] RDX: ffff95233fc26d80 RSI: ffff95233fc17778 RDI: ffff95233fc17778
[ 186.400389] RBP: ffff95227e894400 R08: 0000000000000459 R09: 0000000000aaaaaa
[ 186.403046] R10: 0000000000000000 R11: ffff95227dd39e30 R12: ffff95227e894414
[ 186.405696] R13: ffffffffc0556140 R14: 0000000000000000 R15: ffff95227e7ef9c8
[ 186.408337] FS: 00007f157ef5cb40(0000) GS:ffff95233fc00000(0000) knlGS:0000000000000000
[ 186.411470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 186.413856] CR2: 00005623bc744028 CR3: 000000008861e000 CR4: 00000000000406f0
[ 186.416457] Call Trace:
[ 186.418174] set_regdom+0x2b0/0x430 [cfg80211]
[ 186.420255] nl80211_set_reg+0x290/0x2c0 [cfg80211]
[ 186.422395] genl_family_rcv_msg+0x203/0x400
[ 186.424986] ? __alloc_pages_nodemask+0x157/0x340
[ 186.427159] genl_rcv_msg+0x47/0x90
[ 186.429001] ? __kmalloc_node_track_caller+0x59/0x2a0
[ 186.431140] ? genl_family_rcv_msg+0x400/0x400
[ 186.433207] netlink_rcv_skb+0x4a/0x110
[ 186.435092] genl_rcv+0x24/0x40
[ 186.436918] netlink_unicast+0x193/0x230
[ 186.438784] netlink_sendmsg+0x2c1/0x3c0
[ 186.440809] sock_sendmsg+0x4c/0x50
[ 186.442756] ___sys_sendmsg+0x289/0x300
[ 186.444825] ? mem_cgroup_throttle_swaprate+0x20/0x160
[ 186.447196] ? do_anonymous_page+0x2f3/0x3f0
[ 186.449197] ? __seccomp_filter+0x96/0x6c0
[ 186.451348] ? __sys_sendmsg+0x5e/0xa0
[ 186.453442] __sys_sendmsg+0x5e/0xa0
[ 186.455394] do_syscall_64+0x5b/0x1e0
[ 186.457454] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 186.459677] RIP: 0033:0x7f157e463dc7
[ 186.461625] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb cd 66 0f 1f 44 00 00 8b 05 4a 49 2b 00 85 c0 75 2e 48 63 ff 48 63 d2 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 a1 f0 2a 00 f7 d8 64 89 02 48
[ 186.467465] RSP: 002b:00007ffd7f9d92d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 186.470182] RAX: ffffffffffffffda RBX: 00005623bc756010 RCX: 00007f157e463dc7
[ 186.472725] RDX: 0000000000000000 RSI: 00007ffd7f9d9360 RDI: 0000000000000000
[ 186.475275] RBP: 00005623bc755ef0 R08: 0000000000000000 R09: 00000000000000f0
[ 186.477814] R10: 00000000000000ea R11: 0000000000000246 R12: 00005623bc756060
[ 186.480547] R13: 00007ffd7f9d9360 R14: 00005623bc755c20 R15: 0000000000000008
[ 186.484264] ---[ end trace 9a39044671a6e95d ]---
[ 186.486521] ------------[ cut here ]------------
[ 186.488449] RTNL: assertion failed at net/wireless/reg.c (2252)
[ 186.491060] WARNING: CPU: 0 PID: 4804 at net/wireless/reg.c:2252 update_all_wiphy_regulatory+0x8a/0x90 [cfg80211]
[ 186.495546] Modules linked in: cfg80211 rfkill bochs_drm ttm sr_mod cdrom crct10dif_pclmul drm_kms_helper crc32_pclmul sg crc32c_intel ata_generic pata_acpi ghash_clmulni_intel ppdev syscopyarea sysfillrect sysimgblt fb_sys_fops snd_pcm drm ata_piix aesni_intel snd_timer snd crypto_simd libata cryptd glue_helper soundcore joydev pcspkr serio_raw parport_pc i2c_piix4 floppy parport ip_tables
[ 186.506468] CPU: 0 PID: 4804 Comm: crda Tainted: G W 5.2.0-rc3-01111-gd8572a5 #1
[ 186.509258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 186.512042] RIP: 0010:update_all_wiphy_regulatory+0x8a/0x90 [cfg80211]
[ 186.514585] Code: 7b ea 80 3d d5 e3 08 00 00 75 a7 ba cc 08 00 00 48 c7 c6 40 9d 55 c0 48 c7 c7 68 9d 55 c0 c6 05 b9 e3 08 00 01 e8 96 d7 79 ea <0f> 0b eb 84 66 90 66 66 66 66 90 41 55 41 54 55 53 48 89 fb 8b 6f
[ 186.520426] RSP: 0018:ffffb103c09bba38 EFLAGS: 00010282
[ 186.522651] RAX: 0000000000000000 RBX: ffff95227e894400 RCX: 0000000000000000
[ 186.525202] RDX: ffff95233fc26d80 RSI: ffff95233fc17778 RDI: ffff95233fc17778
[ 186.527808] RBP: 0000000000000000 R08: 0000000000000488 R09: 0000000000aaaaaa
[ 186.530318] R10: 0000000000000000 R11: ffff95227dd38b70 R12: 0000000000000000
[ 186.533247] R13: ffffffffc0556140 R14: 0000000000000000 R15: ffff95227e7ef9c8
[ 186.535818] FS: 00007f157ef5cb40(0000) GS:ffff95233fc00000(0000) knlGS:0000000000000000
[ 186.538591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 186.540959] CR2: 00005623bc744028 CR3: 000000008861e000 CR4: 00000000000406f0
[ 186.543642] Call Trace:
[ 186.545460] set_regdom+0x149/0x430 [cfg80211]
[ 186.547596] nl80211_set_reg+0x290/0x2c0 [cfg80211]
[ 186.549758] genl_family_rcv_msg+0x203/0x400
[ 186.551913] ? __alloc_pages_nodemask+0x157/0x340
[ 186.554053] genl_rcv_msg+0x47/0x90
[ 186.556085] ? __kmalloc_node_track_caller+0x59/0x2a0
[ 186.558417] ? genl_family_rcv_msg+0x400/0x400
[ 186.560609] netlink_rcv_skb+0x4a/0x110
[ 186.562710] genl_rcv+0x24/0x40
[ 186.564712] netlink_unicast+0x193/0x230
[ 186.566835] netlink_sendmsg+0x2c1/0x3c0
[ 186.568847] sock_sendmsg+0x4c/0x50
[ 186.570935] ___sys_sendmsg+0x289/0x300
[ 186.572994] ? mem_cgroup_throttle_swaprate+0x20/0x160
[ 186.575196] ? do_anonymous_page+0x2f3/0x3f0
[ 186.577419] ? __seccomp_filter+0x96/0x6c0
[ 186.579439] ? __sys_sendmsg+0x5e/0xa0
[ 186.581528] __sys_sendmsg+0x5e/0xa0
[ 186.583526] do_syscall_64+0x5b/0x1e0
[ 186.585418] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 186.587625] RIP: 0033:0x7f157e463dc7
[ 186.589610] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb cd 66 0f 1f 44 00 00 8b 05 4a 49 2b 00 85 c0 75 2e 48 63 ff 48 63 d2 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 a1 f0 2a 00 f7 d8 64 89 02 48
[ 186.595368] RSP: 002b:00007ffd7f9d92d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 186.598376] RAX: ffffffffffffffda RBX: 00005623bc756010 RCX: 00007f157e463dc7
[ 186.601001] RDX: 0000000000000000 RSI: 00007ffd7f9d9360 RDI: 0000000000000000
[ 186.603656] RBP: 00005623bc755ef0 R08: 0000000000000000 R09: 00000000000000f0
[ 186.606129] R10: 00000000000000ea R11: 0000000000000246 R12: 00005623bc756060
[ 186.608590] R13: 00007ffd7f9d9360 R14: 00005623bc755c20 R15: 0000000000000008
[ 186.614598] ---[ end trace 9a39044671a6e95e ]---
[ 186.749954] mac80211_hwsim: initializing netlink
[ 186.777079] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
To reproduce:
# build kernel
cd linux
cp config-5.2.0-rc3-01111-gd8572a5 .config
make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 olddefconfig
make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 prepare
make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 modules_prepare
make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 SHELL=/bin/bash
make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
Rong Chen