On Sun, Dec 31, 2017 at 04:18:56PM +0100, Sabrina Dubroca wrote:
> request_module can sleep, thus we cannot hold rcu_read_lock() while
> calling it. The function also jumps back and takes rcu_read_lock()
> again (in xfrm_state_get_afinfo()), resulting in an imbalance.
>
> This codepath is triggered whenever a new offloaded state is created.
>
> Fixes: ffdb5211da1c ("xfrm: Auto-load xfrm offload modules")
> Reported-by: syzbot+ca425f44816d749e8eb49755567a75ee48cf4...@syzkaller.appspotmail.com
> Signed-off-by: Sabrina Dubroca <s...@queasysnail.net>

Patch applied, thanks a lot for the fix Sabrina!