lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 03 Sep 2006 16:46:19 +0200
From:	Patrick McHardy <kaber@...sh.net>
To:	¶­¶­Ù© <doublefacer007@...il.com>
CC:	linux-kernel@...r.kernel.org
Subject: Re: kernel BUG in ip_nat_helper_unregister at netfilter/ip_nat_helper.c

¶­¶­Ù© wrote:

>  When the num of conntrack is up to 15000,I rmmod the ip_nat_ftp
> and ip_conntrack _ftp modules by typing "modprobe -r ip_nat_ftp"
> command and then the kernel is dead locked.
> I think that the dead lock is caused by ip_conntrack_lock and
> ip_nat_lock.When I rmmod the ip_nat_ftp module, the function flow is
> as following:
> ip_nat_helper_unregister->ip_ct_selective_cleanup->get_next_corpse(ip_conntrack_lock)
> 
> ->kill_helper(ip_nat_lock)
> But the kernel there is another flow is as following:
> ip_nat_fn(ip_nat_lock)->ip_nat_setup_info->ip_conntrack_alter_reply(ip_conntrack_lock)

Good spotting. The lock in kill_helper is unnecessary since the helper
is not changed once set and new connections can't get the helper that
is beeing unregistered assigned since it is already removed from the
list at this point.

Please try if this patch helps.

View attachment "x" of type "text/plain" (476 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ