From 5f19d8ac86246c886e88eff54bbfca9daf4694b7 Mon Sep 17 00:00:00 2001 From: Pravin B Shelar Date: Sun, 15 Feb 2015 15:01:42 -0800 Subject: [PATCH] datapath: Initialize unmasked key and uid len. Flow alloc needs to initialize unmasked key pointer. Otherwise it can crash kernel trying to free random unmasked-key pointer. general protection fault: 0000 [#1] SMP 3.19.0-rc6-net-next+ #457 Hardware name: Supermicro X7DWU/X7DWU, BIOS 1.1 04/30/2008 RIP: 0010:[] [] kfree+0xac/0x196 Call Trace: [] flow_free+0x21/0x59 [openvswitch] [] ovs_flow_free+0x21/0x23 [openvswitch] [] ovs_packet_cmd_execute+0x2f3/0x35f [openvswitch] [] ? ovs_packet_cmd_execute+0x13e/0x35f [openvswitch] [] ? nla_parse+0x4f/0xec [] genl_family_rcv_msg+0x26d/0x2c9 [] ? __lock_acquire+0x90e/0x9aa [] genl_rcv_msg+0x66/0x89 [] ? genl_family_rcv_msg+0x2c9/0x2c9 [] netlink_rcv_skb+0x3e/0x95 [] ? genl_rcv+0x18/0x37 [] genl_rcv+0x27/0x37 [] netlink_unicast+0x103/0x191 [] netlink_sendmsg+0x2c1/0x310 [] ? might_fault+0x50/0xa0 [] do_sock_sendmsg+0x5f/0x7a [] sock_sendmsg+0xb/0xd [] ___sys_sendmsg+0x1a3/0x218 [] ? get_close_on_exec+0x86/0x86 [] ? fsnotify+0x32c/0x348 [] ? fsnotify+0x7c/0x348 [] ? __fget+0xaa/0xbf [] ? get_close_on_exec+0x86/0x86 [] __sys_sendmsg+0x3d/0x5e [] SyS_sendmsg+0x14/0x16 [] system_call_fastpath+0x12/0x17 Reported-by: Or Gerlitz Signed-off-by: Pravin B Shelar --- datapath/flow_table.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/datapath/flow_table.c b/datapath/flow_table.c index 311e5ee8766..9a27bea97a0 100644 --- a/datapath/flow_table.c +++ b/datapath/flow_table.c @@ -92,6 +92,8 @@ struct sw_flow *ovs_flow_alloc(void) flow->sf_acts = NULL; flow->mask = NULL; + flow->id.ufid_len = 0; + flow->id.unmasked_key = NULL; flow->stats_last_writer = NUMA_NO_NODE; /* Initialize the default stat node. */
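Review bot: The two added assignments in ovs_flow_alloc() (`flow->id.ufid_len = 0;` and `flow->id.unmasked_key = NULL;`) fix this one pointer, but the function still initializes members one at a time next to `flow->sf_acts = NULL;` and `flow->mask = NULL;`, so the next member that flow_free() releases can reach kfree() holding a random value in the same way. Consider zeroing the whole object when it is allocated, or at least add a comment beside these lines stating that every member freed in flow_free() must be initialized here. The call trace reaches kfree() from ovs_packet_cmd_execute() through genl_rcv_msg() and SyS_sendmsg(), meaning the crash is triggered by a netlink message from userspace. It would help to say that in the commit message and to name the change that introduced id.unmasked_key, so the fix can be backported alongside it.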