Commit 3c53cd65 authored by Bernard Pidoux's avatar Bernard Pidoux Committed by David S. Miller

rose: check NULL rose_loopback_neigh->loopback

Commit 3b3fd068 added NULL check for
`rose_loopback_neigh->dev` in rose_loopback_timer() but omitted to
check rose_loopback_neigh->loopback.

It thus prevents *all* rose connect.

The reason is that a special rose_neigh loopback has a NULL device.

/proc/net/rose_neigh illustrates it via rose_neigh_show() function :
[...]
seq_printf(seq, "%05d %-9s %-4s   %3d %3d  %3s     %3s %3lu %3lu",
	   rose_neigh->number,
	   (rose_neigh->loopback) ? "RSLOOP-0" : ax2asc(buf, &rose_neigh->callsign),
	   rose_neigh->dev ? rose_neigh->dev->name : "???",
	   rose_neigh->count,

/proc/net/rose_neigh displays special rose_loopback_neigh->loopback as
callsign RSLOOP-0:

addr  callsign  dev  count use mode restart  t0  tf digipeaters
00001 RSLOOP-0  ???      1   2  DCE     yes   0   0

By checking rose_loopback_neigh->loopback, rose_rx_call_request() is called
even in case rose_loopback_neigh->dev is NULL. This repairs rose connections.

Verification with rose client application FPAC:

FPAC-Node v 4.1.3 (built Aug  5 2022) for LINUX (help = h)
F6BVP-4 (Commands = ?) : u
Users - AX.25 Level 2 sessions :
Port   Callsign     Callsign  AX.25 state  ROSE state  NetRom status
axudp  F6BVP-5   -> F6BVP-9   Connected    Connected   ---------

Fixes: 3b3fd068 ("rose: Fix Null pointer dereference in rose_send_frame()")
Signed-off-by: default avatarBernard Pidoux <f6bvp@free.fr>
Suggested-by: default avatarFrancois Romieu <romieu@fr.zoreil.com>
Cc: Thomas DL9SAU Osterried <thomas@osterried.de>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent e82c649e
...@@ -96,7 +96,8 @@ static void rose_loopback_timer(struct timer_list *unused) ...@@ -96,7 +96,8 @@ static void rose_loopback_timer(struct timer_list *unused)
} }
if (frametype == ROSE_CALL_REQUEST) { if (frametype == ROSE_CALL_REQUEST) {
if (!rose_loopback_neigh->dev) { if (!rose_loopback_neigh->dev &&
!rose_loopback_neigh->loopback) {
kfree_skb(skb); kfree_skb(skb);
continue; continue;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment