Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit e9f50691 authored by Sean Tranchetti's avatar Sean Tranchetti
Browse files

net: tcp: check for NULL send head during MTU probe 



skb_peek() can return NULL when the socket write queue is empty. This
causes problems when using tcp_for_write_queue_from_safe(), as this macro
resolves down to "for (tmp = skb->next; ...", causing a NULL dereference.
Fix this by indicating that the tcp send queue head can not be coalesced
as there is nothing in it. This fixes the following:

Unable to handle kernel NULL pointer dereference
pc : tcp_write_xmit+0xe1c/0x1210
lr : tcp_write_xmit+0x38/0x1210
Call trace:
 tcp_write_xmit+0xe1c/0x1210
 tcp_tsq_write+0x110/0x140
 tcp_tasklet_func+0x120/0x170
 tasklet_action_common+0xec/0x128
 tasklet_action+0x20/0x28

By ending the MTU probe because of the empty send head.

Change-Id: I647577eaab888d43d3bda8af26379172d916ed3c
Signed-off-by: default avatarSean Tranchetti <stranche@codeaurora.org>
parent dcc90d4a
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment