kernel-fxtec-pro1x/net/ipv6
Vlad Yasevich 499923c7a3 ipv6: Fix NULL pointer dereference with time-wait sockets
Commit b2f5e7cd3d
(ipv6: Fix conflict resolutions during ipv6 binding)
introduced a regression where time-wait sockets were
not treated correctly.  This resulted in the following:

BUG: unable to handle kernel NULL pointer dereference at 0000000000000062
IP: [<ffffffff805d7d61>] ipv4_rcv_saddr_equal+0x61/0x70
...
Call Trace:
[<ffffffffa033847b>] ipv6_rcv_saddr_equal+0x1bb/0x250 [ipv6]
[<ffffffffa03505a8>] inet6_csk_bind_conflict+0x88/0xd0 [ipv6]
[<ffffffff805bb18e>] inet_csk_get_port+0x1ee/0x400
[<ffffffffa0319b7f>] inet6_bind+0x1cf/0x3a0 [ipv6]
[<ffffffff8056d17c>] ? sockfd_lookup_light+0x3c/0xd0
[<ffffffff8056ed49>] sys_bind+0x89/0x100
[<ffffffff80613ea2>] ? trace_hardirqs_on_thunk+0x3a/0x3c
[<ffffffff8020bf9b>] system_call_fastpath+0x16/0x1b

Tested-by: Brian Haley <brian.haley@hp.com>
Tested-by: Ed Tomlinson <edt@aei.ca>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-04-11 01:53:06 -07:00
..
netfilter netfilter: ip6tables regression fix 2009-04-06 17:06:55 +02:00
addrconf.c ipv6: Fix conflict resolutions during ipv6 binding 2009-03-24 19:49:11 -07:00
addrconf_core.c
addrlabel.c net: replace %p6 with %pI6 2008-10-29 12:52:50 -07:00
af_inet6.c ipv6: Make v4-mapped bindings consistent with IPv4 2009-03-24 19:49:10 -07:00
ah6.c netns xfrm: AH/ESP in netns! 2008-11-25 17:59:27 -08:00
anycast.c net: replace %#p6 format specifier with %pi6 2008-10-29 12:50:24 -07:00
datagram.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
esp6.c netns xfrm: AH/ESP in netns! 2008-11-25 17:59:27 -08:00
exthdrs.c net: replace %p6 with %pI6 2008-10-29 12:52:50 -07:00
exthdrs_core.c
fib6_rules.c netns: Add network namespace argument to rt6_fill_node() and ipv6_dev_get_saddr() 2008-08-14 15:33:21 -07:00
icmp.c net: fix xfrm reverse flow lookup for icmp6 2009-01-27 22:30:19 -08:00
inet6_connection_sock.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
inet6_hashtables.c ipv6: don't use tw net when accounting for recycled tw 2009-02-26 03:35:13 -08:00
ip6_fib.c ipv6: Fix fib6_dump_table walker leak 2009-01-13 22:17:51 -08:00
ip6_flowlabel.c ipv6: Disallow rediculious flowlabel option sizes. 2009-02-06 00:49:55 -08:00
ip6_input.c ipv6: Plug sk_buff leak in ipv6_rcv (net/ipv6/ip6_input.c) 2009-03-27 00:17:45 -07:00
ip6_output.c ipv6: Copy cork options in ip6_append_data 2009-02-05 15:15:50 -08:00
ip6_tunnel.c IPv6: fix to set device name when new IPv6 over IPv6 tunnel device is created. 2009-02-09 15:01:19 -08:00
ip6mr.c ipv6: compile fix for ip6mr.c 2009-01-31 00:51:49 -08:00
ipcomp6.c netns xfrm: state lookup in netns 2008-11-25 17:30:50 -08:00
ipv6_sockglue.c ipv6: Remove some pointless conditionals before kfree_skb() 2009-02-24 23:33:52 -08:00
Kconfig trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
Makefile
mcast.c ipv6/mcast: join error paths using goto 2008-12-14 23:15:21 -08:00
mip6.c netns xfrm: KM reporting in netns 2008-11-25 17:51:01 -08:00
ndisc.c netlink: change nlmsg_notify() return value logic 2009-02-24 23:18:28 -08:00
netfilter.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2008-11-28 02:19:15 -08:00
proc.c net: fix tiny output corruption of /proc/net/snmp6 2008-11-20 04:20:10 -08:00
protocol.c net: remove CVS keywords 2008-06-11 21:00:38 -07:00
raw.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
reassembly.c netns: oops in ip[6]_frag_reasm incrementing stats 2009-03-18 23:26:11 -07:00
route.c netlink: change nlmsg_notify() return value logic 2009-02-24 23:18:28 -08:00
sit.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-03-20 02:27:41 -07:00
syncookies.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
sysctl_net_ipv6.c remove lots of double-semicolons 2009-01-08 08:31:14 -08:00
tcp_ipv6.c ipv6: Remove some pointless conditionals before kfree_skb() 2009-02-24 23:33:52 -08:00
tunnel6.c [IPV6] TUNNEL6: Fix incoming packet length check for inter-protocol tunnel. 2008-06-05 04:02:32 +09:00
udp.c ipv6: Fix NULL pointer dereference with time-wait sockets 2009-04-11 01:53:06 -07:00
udp_impl.h udp: introduce struct udp_table and multiple spinlocks 2008-10-29 01:41:45 -07:00
udplite.c udp: RCU handling for Unicast packets. 2008-10-29 02:11:14 -07:00
xfrm6_input.c netns xfrm: per-netns MIBs 2008-11-25 17:59:52 -08:00
xfrm6_mode_beet.c ipsec: Interfamily IPSec BEET, ipv4-inner ipv6-outer 2008-08-06 02:40:25 -07:00
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c
xfrm6_output.c xfrm: fix fragmentation on inter family tunnels 2009-04-06 17:07:59 -07:00
xfrm6_policy.c net: replace uses of __constant_{endian} 2009-02-01 00:45:17 -08:00
xfrm6_state.c ipv6: fix sparse warning: Using plain integer as NULL pointer 2009-02-21 23:37:10 -08:00
xfrm6_tunnel.c xfrm6_tunnel: join error paths using goto 2008-12-14 23:13:48 -08:00