Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
vxlan: test dev->flags & IFF_UP before calling netif_rx()
netif_rx() must be called under a strict contract. At device dismantle phase, core networking clears IFF_UP and flush_all_backlogs() is called after rcu grace period to make sure no incoming packet might be in a cpu backlog and still referencing the device. Most drivers call netif_rx() from their interrupt handler, and since the interrupts are disabled at device dismantle, netif_rx() does not have to check dev->flags & IFF_UP Virtual drivers do not have this guarantee, and must therefore make the check themselves. Otherwise we risk use-after-free and/or crashes. Note this patch also fixes a small issue that came with commit ce6502a ("vxlan: fix a use after free in vxlan_encap_bypass"), since the dev->stats.rx_dropped change was done on the wrong device. Fixes: d342894 ("vxlan: virtual extensible lan") Fixes: ce6502a ("vxlan: fix a use after free in vxlan_encap_bypass") Signed-off-by: Eric Dumazet <[email protected]> Cc: Petr Machata <[email protected]> Cc: Ido Schimmel <[email protected]> Cc: Roopa Prabhu <[email protected]> Cc: Stefano Brivio <[email protected]> Signed-off-by: David S. Miller <[email protected]>
- Loading branch information