[1/2] ip_vti: fix a null pointer deferrence when create vti fallback tunnel

After set fb_tunnels_only_for_init_net to 1, the itn->fb_tunnel_dev will
be NULL and will cause following crash:

[ 2742.849298] BUG: unable to handle kernel NULL pointer dereference at 0000000000000941
[ 2742.851380] PGD 800000042c21a067 P4D 800000042c21a067 PUD 42aaed067 PMD 0
[ 2742.852818] Oops: 0002 [#1] SMP PTI
[ 2742.853570] CPU: 7 PID: 2484 Comm: unshare Kdump: loaded Not tainted 4.18.0-rc8+ #2
[ 2742.855163] Hardware name: Fedora Project OpenStack Nova, BIOS seabios-1.7.5-11.el7 04/01/2014
[ 2742.856970] RIP: 0010:vti_init_net+0x3a/0x50 [ip_vti]
[ 2742.858034] Code: 90 83 c0 48 c7 c2 20 a1 83 c0 48 89 fb e8 6e 3b f6 ff 85 c0 75 22 8b 0d f4 19 00 00 48 8b 93 00 14 00 00 48 8b 14 ca 48 8b 12 <c6> 82 41 09 00 00 04 c6 82 38 09 00 00 45 5b c3 66 0f 1f 44 00 00
[ 2742.861940] RSP: 0018:ffff9be28207fde0 EFLAGS: 00010246
[ 2742.863044] RAX: 0000000000000000 RBX: ffff8a71ebed4980 RCX: 0000000000000013
[ 2742.864540] RDX: 0000000000000000 RSI: 0000000000000013 RDI: ffff8a71ebed4980
[ 2742.866020] RBP: ffff8a71ea717000 R08: ffffffffc083903c R09: ffff8a71ea717000
[ 2742.867505] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8a71ebed4980
[ 2742.868987] R13: 0000000000000013 R14: ffff8a71ea5b49c0 R15: 0000000000000000
[ 2742.870473] FS:  00007f02266c9740(0000) GS:ffff8a71ffdc0000(0000) knlGS:0000000000000000
[ 2742.872143] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2742.873340] CR2: 0000000000000941 CR3: 000000042bc20006 CR4: 00000000001606e0
[ 2742.874821] Call Trace:
[ 2742.875358]  ops_init+0x38/0xf0
[ 2742.876078]  setup_net+0xd9/0x1f0
[ 2742.876789]  copy_net_ns+0xb7/0x130
[ 2742.877538]  create_new_namespaces+0x11a/0x1d0
[ 2742.878525]  unshare_nsproxy_namespaces+0x55/0xa0
[ 2742.879526]  ksys_unshare+0x1a7/0x330
[ 2742.880313]  __x64_sys_unshare+0xe/0x20
[ 2742.881131]  do_syscall_64+0x5b/0x180
[ 2742.881933]  entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reproduce:
echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
modprobe ip_vti
unshare -n

Fixes: 79134e6ce2c9 (net: do not create fallback tunnels for non-default
namespaces)
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
---
 net/ipv4/ip_vti.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

From: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Date: Sun, 19 Aug 2018 15:05:04 +0800

> After set fb_tunnels_only_for_init_net to 1, the itn->fb_tunnel_dev will
> be NULL and will cause following crash:
 ...
> Reproduce:
> echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
> modprobe ip_vti
> unshare -n
> 
> Fixes: 79134e6ce2c9 (net: do not create fallback tunnels for non-default
> namespaces)
> Cc: Eric Dumazet <edumazet@google.com>
> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>

Applied, but please format your Fixes: tag properly next time.

Do not split up a Fixes tag into multiple lines, no matter how long it
is.  And enclose the commit header text in both parenthesis and double
quotes, not just parenthesis.  Like ("blah blah blah"), thank you.

> On 2018年8月20日, at 上午2:27, David Miller <davem@davemloft.net> wrote:
> 
> From: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
> Date: Sun, 19 Aug 2018 15:05:04 +0800
> 
>> After set fb_tunnels_only_for_init_net to 1, the itn->fb_tunnel_dev will
>> be NULL and will cause following crash:
> ...
>> Reproduce:
>> echo 1 > /proc/sys/net/core/fb_tunnels_only_for_init_net
>> modprobe ip_vti
>> unshare -n
>> 
>> Fixes: 79134e6ce2c9 (net: do not create fallback tunnels for non-default
>> namespaces)
>> Cc: Eric Dumazet <edumazet@google.com>
>> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
> 
> Applied, but please format your Fixes: tag properly next time.
> 
> Do not split up a Fixes tag into multiple lines, no matter how long it
> is.  And enclose the commit header text in both parenthesis and double
> quotes, not just parenthesis.  Like ("blah blah blah"), thank you.
> 

Okay, thanks for reviewing.