diff options
author | Jiri Pirko <jiri@mellanox.com> | 2019-10-08 12:31:43 +0200 |
---|---|---|
committer | Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-10-08 18:00:08 -0700 |
commit | ab5b526da0485ac4af3d395e5ce1c04b1bfbb89c (patch) | |
tree | 0dfc9c44e377d41c26efcdf4f0884e14f50d20e8 /drivers/tty | |
parent | 48423dd7e683dadcfacc2bfb3bc0e57e7c8b9cb2 (diff) | |
download | linux-ab5b526da0485ac4af3d395e5ce1c04b1bfbb89c.tar.bz2 |
net: genetlink: always allocate separate attrs for dumpit ops
Individual dumpit ops (start, dumpit, done) are locked by genl_lock
if !family->parallel_ops. However, multiple
genl_family_rcv_msg_dumpit() calls may in in flight in parallel.
Each has a separate struct genl_dumpit_info allocated
but they share the same family->attrbuf. Fix this by allocating separate
memory for attrs for dumpit ops, for non-parallel_ops (for parallel_ops
it is done already).
Reported-by: syzbot+495688b736534bb6c6ad@syzkaller.appspotmail.com
Reported-by: syzbot+ff59dc711f2cff879a05@syzkaller.appspotmail.com
Reported-by: syzbot+dbe02e13bcce52bcf182@syzkaller.appspotmail.com
Reported-by: syzbot+9cb7edb2906ea1e83006@syzkaller.appspotmail.com
Fixes: bf813b0afeae ("net: genetlink: parse attrs and store in contect info struct during dumpit")
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Diffstat (limited to 'drivers/tty')
0 files changed, 0 insertions, 0 deletions