Message ID | 107ac334855fea1e6492b2e523b788209e54ec2f.1505462312.git.lucien.xin@gmail.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
Series | [net] ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline | expand |
From: Xin Long <lucien.xin@gmail.com> Date: Fri, 15 Sep 2017 15:58:33 +0800 > If ipv6 has been disabled from cmdline since kernel started, it makes > no sense to allow users to create any ip6 tunnel. Otherwise, it could > some potential problem. > > Jianlin found a kernel crash caused by this in ip6_gre when he set > ipv6.disable=1 in grub: > > [ 209.588865] Unable to handle kernel paging request for data at address 0x00000080 > [ 209.588872] Faulting instruction address: 0xc000000000a3aa6c > [ 209.588879] Oops: Kernel access of bad area, sig: 11 [#1] > [ 209.589062] NIP [c000000000a3aa6c] fib_rules_lookup+0x4c/0x260 > [ 209.589071] LR [c000000000b9ad90] fib6_rule_lookup+0x50/0xb0 > [ 209.589076] Call Trace: > [ 209.589097] fib6_rule_lookup+0x50/0xb0 > [ 209.589106] rt6_lookup+0xc4/0x110 > [ 209.589116] ip6gre_tnl_link_config+0x214/0x2f0 [ip6_gre] > [ 209.589125] ip6gre_newlink+0x138/0x3a0 [ip6_gre] > [ 209.589134] rtnl_newlink+0x798/0xb80 > [ 209.589142] rtnetlink_rcv_msg+0xec/0x390 > [ 209.589151] netlink_rcv_skb+0x138/0x150 > [ 209.589159] rtnetlink_rcv+0x48/0x70 > [ 209.589169] netlink_unicast+0x538/0x640 > [ 209.589175] netlink_sendmsg+0x40c/0x480 > [ 209.589184] ___sys_sendmsg+0x384/0x4e0 > [ 209.589194] SyS_sendmsg+0xd4/0x140 > [ 209.589201] SyS_socketcall+0x3e0/0x4f0 > [ 209.589209] system_call+0x38/0xe0 > > This patch is to return -EOPNOTSUPP in ip6_tunnel_init if ipv6 has been > disabled from cmdline. > > Reported-by: Jianlin Shi <jishi@redhat.com> > Signed-off-by: Xin Long <lucien.xin@gmail.com> Applied and queued up for -stable, thanks.
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c index ae73164..f2f21c2 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c @@ -2259,6 +2259,9 @@ static int __init ip6_tunnel_init(void) { int err; + if (!ipv6_mod_enabled()) + return -EOPNOTSUPP; + err = register_pernet_device(&ip6_tnl_net_ops); if (err < 0) goto out_pernet;
If ipv6 has been disabled from cmdline since kernel started, it makes no sense to allow users to create any ip6 tunnel. Otherwise, it could some potential problem. Jianlin found a kernel crash caused by this in ip6_gre when he set ipv6.disable=1 in grub: [ 209.588865] Unable to handle kernel paging request for data at address 0x00000080 [ 209.588872] Faulting instruction address: 0xc000000000a3aa6c [ 209.588879] Oops: Kernel access of bad area, sig: 11 [#1] [ 209.589062] NIP [c000000000a3aa6c] fib_rules_lookup+0x4c/0x260 [ 209.589071] LR [c000000000b9ad90] fib6_rule_lookup+0x50/0xb0 [ 209.589076] Call Trace: [ 209.589097] fib6_rule_lookup+0x50/0xb0 [ 209.589106] rt6_lookup+0xc4/0x110 [ 209.589116] ip6gre_tnl_link_config+0x214/0x2f0 [ip6_gre] [ 209.589125] ip6gre_newlink+0x138/0x3a0 [ip6_gre] [ 209.589134] rtnl_newlink+0x798/0xb80 [ 209.589142] rtnetlink_rcv_msg+0xec/0x390 [ 209.589151] netlink_rcv_skb+0x138/0x150 [ 209.589159] rtnetlink_rcv+0x48/0x70 [ 209.589169] netlink_unicast+0x538/0x640 [ 209.589175] netlink_sendmsg+0x40c/0x480 [ 209.589184] ___sys_sendmsg+0x384/0x4e0 [ 209.589194] SyS_sendmsg+0xd4/0x140 [ 209.589201] SyS_socketcall+0x3e0/0x4f0 [ 209.589209] system_call+0x38/0xe0 This patch is to return -EOPNOTSUPP in ip6_tunnel_init if ipv6 has been disabled from cmdline. Reported-by: Jianlin Shi <jishi@redhat.com> Signed-off-by: Xin Long <lucien.xin@gmail.com> --- net/ipv6/ip6_tunnel.c | 3 +++ 1 file changed, 3 insertions(+)