sch_sfq: fix null pointer dereference at timer expiration

While converting sch_sfq to use timer_setup(), the commit cdeabbb8 ("net: sched: Convert timers to use timer_setup()") forgot to initialize the 'sch' field. As a result, the timer callback tries to dereference a NULL pointer, and the kernel does oops. Fix it initializing such field at qdisc creation time. Fixes: cdeabbb8 ("net: sched: Convert timers to use timer_setup()") Signed-off-by: N Paolo Abeni <pabeni@redhat.com> Acked-by: N Cong Wang <xiyou.wangcong@gmail.com> Acked-by: N Kees Cook <keescook@chromium.org> Signed-off-by: N David S. Miller <davem@davemloft.net>

sch_sfq: fix null pointer dereference at timer expiration
While converting sch_sfq to use timer_setup(), the commit cdeabbb8 ("net: sched: Convert timers to use timer_setup()") forgot to initialize the 'sch' field. As a result, the timer callback tries to dereference a NULL pointer, and the kernel does oops. Fix it initializing such field at qdisc creation time. Fixes: cdeabbb8 ("net: sched: Convert timers to use timer_setup()") Signed-off-by: N Paolo Abeni <pabeni@redhat.com> Acked-by: N Cong Wang <xiyou.wangcong@gmail.com> Acked-by: N Kees Cook <keescook@chromium.org> Signed-off-by: N David S. Miller <davem@davemloft.net>
f85729d0 · Paolo Abeni · David S. Miller · 25415cec · f85729d0
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

net/sched/sch_sfq.c net/sched/sch_sfq.c +1 -0

未找到文件。
--- a/net/sched/sch_sfq.c
+++ b/net/sched/sch_sfq.c
@@ -724,6 +724,7 @@ static int sfq_init(struct Qdisc *sch, struct nlattr *opt)
 	int i;
 	int err;

+	q->sch = sch;
 	timer_setup(&q->perturb_timer, sfq_perturbation, TIMER_DEFERRABLE);

 	err = tcf_block_get(&q->block, &q->filter_list, sch);