sch_netem: restore skb->dev after dequeuing from the rbtree
Upstream commit
bffa72cf7f9d ("net: sk_buff rbnode reorg") got
backported as commit
6b921536f170 ("net: sk_buff rbnode reorg") into the
v4.14.x-tree.
However, the backport does not include the changes in sch_netem.c
We need these, as otherwise the skb->dev pointer is not set when
dequeueing from the netem rbtree, resulting in a panic:
[ 15.427748] BUG: unable to handle kernel NULL pointer dereference at
00000000000000d0
[ 15.428863] IP: netif_skb_features+0x24/0x230
[ 15.429402] PGD 0 P4D 0
[ 15.429733] Oops: 0000 [#1] SMP PTI
[ 15.430169] Modules linked in:
[ 15.430614] CPU: 3 PID: 0 Comm: swapper/3 Not tainted 4.14.77.mptcp #77
[ 15.431497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.5.1 01/01/2011
[ 15.432568] task:
ffff88042db19680 task.stack:
ffffc90000070000
[ 15.433356] RIP: 0010:netif_skb_features+0x24/0x230
[ 15.433977] RSP: 0018:
ffff88043fd83e70 EFLAGS:
00010286
[ 15.434665] RAX:
ffff880429ad80c0 RBX:
ffff88042bd0e400 RCX:
ffff880429ad8000
[ 15.435585] RDX:
0000000000000000 RSI:
0000000000000000 RDI:
ffff88042bd0e400
[ 15.436551] RBP:
ffff88042bd0e400 R08:
ffff88042a4b6c9c R09:
0000000000000001
[ 15.437485] R10:
0000000000000004 R11:
0000000000000000 R12:
ffff88042c700000
[ 15.438393] R13:
ffff88042c700000 R14:
ffff88042a4b6c00 R15:
ffff88042c6bb000
[ 15.439315] FS:
0000000000000000(0000) GS:
ffff88043fd80000(0000) knlGS:
0000000000000000
[ 15.440314] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 15.441084] CR2:
00000000000000d0 CR3:
000000042c374000 CR4:
00000000000006e0
[ 15.442016] Call Trace:
[ 15.442333] <IRQ>
[ 15.442596] validate_xmit_skb+0x17/0x270
[ 15.443134] validate_xmit_skb_list+0x38/0x60
[ 15.443698] sch_direct_xmit+0x102/0x190
[ 15.444198] __qdisc_run+0xe3/0x240
[ 15.444671] net_tx_action+0x121/0x140
[ 15.445177] __do_softirq+0xe2/0x224
[ 15.445654] irq_exit+0xbf/0xd0
[ 15.446072] smp_apic_timer_interrupt+0x5d/0x90
[ 15.446654] apic_timer_interrupt+0x7d/0x90
[ 15.447185] </IRQ>
[ 15.447460] RIP: 0010:native_safe_halt+0x2/0x10
[ 15.447992] RSP: 0018:
ffffc90000073f10 EFLAGS:
00000282 ORIG_RAX:
ffffffffffffff10
[ 15.449008] RAX:
ffffffff816667d0 RBX:
ffffffff820946b0 RCX:
0000000000000000
[ 15.449895] RDX:
0000000000000000 RSI:
0000000000000000 RDI:
0000000000000000
[ 15.450768] RBP:
ffffffff82026940 R08:
00000004e858e5e1 R09:
ffff88042a4b6d58
[ 15.451643] R10:
0000000000000000 R11:
000000d0d56879bb R12:
0000000000000000
[ 15.452478] R13:
0000000000000000 R14:
0000000000000000 R15:
0000000000000000
[ 15.453340] ? __sched_text_end+0x2/0x2
[ 15.453835] default_idle+0xf/0x20
[ 15.454259] do_idle+0x170/0x200
[ 15.454653] cpu_startup_entry+0x14/0x20
[ 15.455142] secondary_startup_64+0xa5/0xb0
[ 15.455715] Code: 1f 84 00 00 00 00 00 55 53 48 89 fd 48 83 ec 08 8b 87 bc 00 00 00 48 8b 8f c0 00 00 00 0f b6 97 81 00 00 00 48 8b 77 10 48 01 c8 <48> 8b 9
[ 15.458138] RIP: netif_skb_features+0x24/0x230 RSP:
ffff88043fd83e70
[ 15.458933] CR2:
00000000000000d0
[ 15.459352] ---[ end trace
083925903ae60570 ]---
Fixes:
6b921536f170 ("net: sk_buff rbnode reorg")
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Soheil Hassas Yeganeh <soheil@google.com>
Cc: Wei Wang <weiwan@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Signed-off-by: Christoph Paasch <cpaasch@apple.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>