From 720afadc7a5069c6580fd2b5140732565261bebf Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Wed, 23 Dec 2015 11:15:02 +0000 Subject: kernel: backport all current pppoe kernel fixes to 3.18 Signed-off-by: Felix Fietkau SVN-Revision: 47963 --- ...oe_dev-deletion-condition-in-pppoe_releas.patch | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 target/linux/generic/patches-3.18/081-05-ppp-fix-pppoe_dev-deletion-condition-in-pppoe_releas.patch (limited to 'target/linux/generic/patches-3.18/081-05-ppp-fix-pppoe_dev-deletion-condition-in-pppoe_releas.patch') diff --git a/target/linux/generic/patches-3.18/081-05-ppp-fix-pppoe_dev-deletion-condition-in-pppoe_releas.patch b/target/linux/generic/patches-3.18/081-05-ppp-fix-pppoe_dev-deletion-condition-in-pppoe_releas.patch new file mode 100644 index 0000000000..b1ae60b028 --- /dev/null +++ b/target/linux/generic/patches-3.18/081-05-ppp-fix-pppoe_dev-deletion-condition-in-pppoe_releas.patch @@ -0,0 +1,29 @@ +From: Guillaume Nault +Date: Thu, 22 Oct 2015 16:57:10 +0200 +Subject: [PATCH] ppp: fix pppoe_dev deletion condition in pppoe_release() + +We can't rely on PPPOX_ZOMBIE to decide whether to clear po->pppoe_dev. +PPPOX_ZOMBIE can be set by pppoe_disc_rcv() even when po->pppoe_dev is +NULL. So we have no guarantee that (sk->sk_state & PPPOX_ZOMBIE) implies +(po->pppoe_dev != NULL). +Since we're releasing a PPPoE socket, we want to release the pppoe_dev +if it exists and reset sk_state to PPPOX_DEAD, no matter the previous +value of sk_state. So we can just check for po->pppoe_dev and avoid any +assumption on sk->sk_state. + +Fixes: 2b018d57ff18 ("pppoe: drop PPPOX_ZOMBIEs in pppoe_release") +Signed-off-by: Guillaume Nault +Signed-off-by: David S. Miller +--- + +--- a/drivers/net/ppp/pppoe.c ++++ b/drivers/net/ppp/pppoe.c +@@ -589,7 +589,7 @@ static int pppoe_release(struct socket * + + po = pppox_sk(sk); + +- if (sk->sk_state & (PPPOX_CONNECTED | PPPOX_BOUND | PPPOX_ZOMBIE)) { ++ if (po->pppoe_dev) { + dev_put(po->pppoe_dev); + po->pppoe_dev = NULL; + } -- cgit v1.2.3