| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Mar 2007 13:33:12 +0300 From: Kirill Korotaev <dev@...ru> To: devel@...nvz.org CC: adobriyan@...ru, netdev@...r.kernel.org Subject: Re: [Devel] Re: [PATCH] Copy mac_len in skb_clone() as well David Miller wrote: > From: Alexey Dobriyan <adobriyan@...ru> > Date: Wed, 14 Mar 2007 16:07:11 +0300 > > >>ANK says: "It is rarely used, that's wy it was not noticed. >>But in the places, where it is used, it should be disaster." >> >>Signed-off-by: Alexey Dobriyan <adobriyan@...ru> > > > Applied. > > What bug triggered that helped you discover this? Or is it > merely from a code audit? Ohhh, it is a fairy-tale to tell the truth :) We had some unexplainable problems with java application in OpenVZ kernel. It didn't work sometimes, but worked fine (!) with CONFIG_SLAB_DEBUG. Alexey blamed java :), but ... Then we found that poising one of the bits in slab cache was curing it. After that we found that the problem is related to fclone cache. And then we found that not all the fields are initialized during cloning. The bug was related to our own skb->field we introduced, but we analyzed the code and found this as well. Thanks, Kirill - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists