linux-hardened/net/bluetooth
David S. Miller cf124db566 net: Fix inconsistent teardown and release of private netdev state.
Network devices can allocate reasources and private memory using
netdev_ops->ndo_init().  However, the release of these resources
can occur in one of two different places.

Either netdev_ops->ndo_uninit() or netdev->destructor().

The decision of which operation frees the resources depends upon
whether it is necessary for all netdev refs to be released before it
is safe to perform the freeing.

netdev_ops->ndo_uninit() presumably can occur right after the
NETDEV_UNREGISTER notifier completes and the unicast and multicast
address lists are flushed.

netdev->destructor(), on the other hand, does not run until the
netdev references all go away.

Further complicating the situation is that netdev->destructor()
almost universally does also a free_netdev().

This creates a problem for the logic in register_netdevice().
Because all callers of register_netdevice() manage the freeing
of the netdev, and invoke free_netdev(dev) if register_netdevice()
fails.

If netdev_ops->ndo_init() succeeds, but something else fails inside
of register_netdevice(), it does call ndo_ops->ndo_uninit().  But
it is not able to invoke netdev->destructor().

This is because netdev->destructor() will do a free_netdev() and
then the caller of register_netdevice() will do the same.

However, this means that the resources that would normally be released
by netdev->destructor() will not be.

Over the years drivers have added local hacks to deal with this, by
invoking their destructor parts by hand when register_netdevice()
fails.

Many drivers do not try to deal with this, and instead we have leaks.

Let's close this hole by formalizing the distinction between what
private things need to be freed up by netdev->destructor() and whether
the driver needs unregister_netdevice() to perform the free_netdev().

netdev->priv_destructor() performs all actions to free up the private
resources that used to be freed by netdev->destructor(), except for
free_netdev().

netdev->needs_free_netdev is a boolean that indicates whether
free_netdev() should be done at the end of unregister_netdevice().

Now, register_netdevice() can sanely release all resources after
ndo_ops->ndo_init() succeeds, by invoking both ndo_ops->ndo_uninit()
and netdev->priv_destructor().

And at the end of unregister_netdevice(), we invoke
netdev->priv_destructor() and optionally call free_netdev().

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-07 15:53:24 -04:00
..
bnep net: remove MTU limits on a few ether_setup callers 2016-10-21 13:57:50 -04:00
cmtp sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
hidp Bluetooth: hidp: fix device disconnect on idle timeout 2015-10-21 00:49:23 +02:00
rfcomm Bluetooth: convert rfcomm_dlc.refcnt from atomic_t to refcount_t 2017-04-12 22:02:36 +02:00
6lowpan.c net: Fix inconsistent teardown and release of private netdev state. 2017-06-07 15:53:24 -04:00
a2mp.c locking/atomic, kref: Add kref_read() 2017-01-14 11:37:18 +01:00
a2mp.h Bluetooth: Add BT_HS config option 2015-07-30 13:31:59 +02:00
af_bluetooth.c Bluetooth: Avoid bt_accept_unlink() double unlinking 2017-04-12 22:02:37 +02:00
amp.c Bluetooth: fix assignments on error variable err 2017-04-12 22:02:38 +02:00
amp.h Bluetooth: Add BT_HS config option 2015-07-30 13:31:59 +02:00
ecdh_helper.c Bluetooth: Add selftest for ECDH key generation 2017-04-30 16:52:43 +03:00
ecdh_helper.h Bluetooth: convert smp and selftest to crypto kpp API 2017-04-25 04:53:42 +02:00
hci_conn.c Bluetooth: Fix using the correct source address type 2016-11-22 22:50:46 +01:00
hci_core.c Bluetooth: Change initial min and max interval 2017-04-12 22:02:38 +02:00
hci_debugfs.c Bluetooth: Add debugfs fields for hardware and firmware info 2016-07-18 09:33:28 +03:00
hci_debugfs.h Bluetooth: Provide option to enable/disable debugfs information 2015-02-15 18:54:13 +02:00
hci_event.c Bluetooth: fix spelling mistake: "advetising" -> "advertising" 2017-02-16 17:39:35 +01:00
hci_request.c sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
hci_request.h Bluetooth: Fix append max 11 bytes of name to scan rsp data 2016-10-19 18:42:37 +02:00
hci_sock.c Bluetooth: Fix user channel for 32bit userspace on 64bit kernel 2017-04-30 12:22:14 +02:00
hci_sysfs.c Bluetooth: Remove controller device attributes 2016-07-09 21:37:11 +03:00
Kconfig Bluetooth: convert smp and selftest to crypto kpp API 2017-04-25 04:53:42 +02:00
l2cap_core.c Bluetooth: L2CAP: Add l2cap_le_flowctl_send 2017-04-12 22:02:41 +02:00
l2cap_sock.c net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
leds.c Bluetooth: Add combined LED trigger for controller power 2016-09-19 20:19:34 +02:00
leds.h Bluetooth: Add combined LED trigger for controller power 2016-09-19 20:19:34 +02:00
lib.c Bluetooth: Add BT_WARN and bt_dev_warn logging macros 2015-09-24 16:25:44 +02:00
Makefile Bluetooth: convert smp and selftest to crypto kpp API 2017-04-25 04:53:42 +02:00
mgmt.c Bluetooth: Fix append max 11 bytes of name to scan rsp data 2016-10-19 18:42:37 +02:00
mgmt_util.c Bluetooth: Add support for sending MGMT commands and events to monitor 2016-09-19 20:19:34 +02:00
mgmt_util.h Bluetooth: Add generic mgmt helper API 2015-03-17 18:03:08 +01:00
sco.c net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
selftest.c Bluetooth: allocate data for kpp on heap 2017-04-30 12:22:05 +02:00
selftest.h Bluetooth: Add support for self testing framework 2014-12-30 08:53:55 +02:00
smp.c Bluetooth: Add selftest for ECDH key generation 2017-04-30 16:52:43 +03:00
smp.h Bluetooth: SMP: Add support for H7 crypto function and CT2 auth flag 2016-12-08 07:50:24 +01:00