lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 Jan 2010 03:42:45 -0500 From: Jon Masters <jonathan@...masters.org> To: Patrick McHardy <kaber@...sh.net> Cc: linux-kernel <linux-kernel@...r.kernel.org>, netdev <netdev@...r.kernel.org>, netfilter-devel@...r.kernel.org Subject: Re: PROBLEM: reproducible crash KVM+nf_conntrack all recent 2.6 kernels Hi, So I did some poking (still trying to figure out netfilter a little internally) and looked over the handling of connection tracking. The oops reports I have been getting generally lie in __nf_conntrack_find, specifically within a hlist iterator that looks up the information for the current connection in a per-net namespace hashtable (under RCU, it's been locked already by the time we get in here). Here's the piece: hlist_nulls_for_each_entry_rcu(h, n, &net->ct.hash[hash], hnnode) { if (nf_ct_tuple_equal(tuple, &h->tuple)) { NF_CT_STAT_INC(net, found); local_bh_enable(); return h; } NF_CT_STAT_INC(net, searched); } Instrumenting the kernel at the moment and then setting up more of a debugging environment to poke at what goes wrong here. Perhaps there's some broken RCU assumption - I just spent the last few hours reading over netfilter source and Paul's RCU docs again to brush up. Perhaps you netdev folks can let me know if there's a handy netfilter debugging guide somewhere. Jon. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists