lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20161010.203019.388602181022157591.davem@davemloft.net>
Date:   Mon, 10 Oct 2016 20:30:19 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     torvalds@...ux-foundation.org
Cc:     aconole@...hat.com, fw@...len.de, viro@...iv.linux.org.uk,
        akpm@...ux-foundation.org, axboe@...com, tytso@....edu,
        cl@...ux.com, pablo@...filter.org, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, netdev@...r.kernel.org,
        netfilter-devel@...r.kernel.org
Subject: Re: slab corruption with current -git

From: Linus Torvalds <torvalds@...ux-foundation.org>
Date: Mon, 10 Oct 2016 12:05:17 -0700

> David - I think that also explains what was wrong with the old code.
> In the old code, this loop:
> 
>         while (hooks_entry && nf_entry_dereference(hooks_entry->next)) {
> 
> would exit with "hooks_entry" pointing to the last list entry (because
> ->next was NULL). Nothing was ever unlinked in the loop itself,
> because it never actually found a matching entry, but then after the
> loop it would free that last entry because it *thought* that was the
> match.

It only does this when the ops don't match, but yes it can happen.

Linus can you add some extra info to that:

		WARN(1, "nf_unregister_net_hook: hook not found!\n");

diagnostic, such as the reg->pf and reg->hooknum values?

That might help track down why this is happening in the first
place.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ