lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20070517173846.GF4325@austin.ibm.com>
Date:	Thu, 17 May 2007 12:38:46 -0500
From:	linas@...tin.ibm.com (Linas Vepstas)
To:	Benjamin Herrenschmidt <benh@...nel.crashing.org>
Cc:	Tsutomu OWA <tsutomu.owa@...hiba.co.jp>, linuxppc-dev@...abs.org,
	mingo@...e.hu, tglx@...utronix.de, cbe-oss-dev@...abs.org,
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: Resending: RT patches expose netdev race [was Re: [RFC] [patch 2/2] powerpc 2.6.21-rt1: fix kernel hang and/or panic

On Thu, May 17, 2007 at 10:49:45AM +1000, Benjamin Herrenschmidt wrote:
> 
> > I do not know why sk_buff->head would be null, or
> > would be set in a racy kind of way, or why the rt patches
> > would cause this. But the evidence implicates that.
> 
> Would it be possible that a locking bug in spidernet would cause it
> under some circumstances to get a stale skb pointer ?

The skb pointer should be brand-spanking new/fresh. 
It is passed to spidernet by the netdev->hard_start_xmit
callback:

    netdev->hard_start_xmit = &spider_net_xmit;

I'd expect that anything that hard_start_xmit() passed to 
a device driver should have a fully valid skb.  Locking
problems in spidernet could cause it to work with the wrong 
skb; however, in this case, the skb pointer is passed 
unmodified, directly to the spot where it fails.

Maybe there is some "make ip header fresh and clean on skb" call
that should have been made; if so, I don't know what it is. 

--linas
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ