lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20080330184906.GB5133@ami.dom.local>
Date:	Sun, 30 Mar 2008 20:49:06 +0200
From:	Jarek Poplawski <jarkao2@...il.com>
To:	Bernard Pidoux <bpidoux@...e.fr>
Cc:	Francois Romieu <romieu@...zoreil.com>,
	Linux Netdev List <netdev@...r.kernel.org>,
	Jarek Poplawski <jarkao2@...pl>
Subject: Re: [AX25] kernel panic

On Sun, Mar 30, 2008 at 07:38:51PM +0200, Bernard Pidoux wrote:
...
> There is no more warnings and no more ax25_frames_acked or
> sk_ax25_debug.
>
> We only get ax25_create and ax25_release data, plus ax25_make_new when  
> there is an AX25 connexion.
>
> cat /var/log/messages | grep 'Mar 30 17' | grep AX...
> Mar 30 17:00:58 f6bvp-9 kernel: AX25+ ax25_create, 866, c73a6738, c3300040
> Mar 30 17:00:58 f6bvp-9 kernel: AX25- ax25_release, 959, c73a6738, c3300040
> Mar 30 17:00:58 f6bvp-9 kernel: AX25+ ax25_create, 866, c73a6738, c3300040
> Mar 30 17:00:58 f6bvp-9 kernel: AX25- ax25_release, 959, c73a6738, c3300040
> Mar 30 17:01:23 f6bvp-9 kernel: AX25; ax25_make_new, 943, c73a6738, c762a820
> Mar 30 17:01:23 f6bvp-9 kernel: AX25= ax25_accept, 1386, c73a6738,  
> c762a820, c3300040
> Mar 30 17:01:58 f6bvp-9 kernel: AX25+ ax25_create, 866, c73a6f68, c7673ac0
> Mar 30 17:01:58 f6bvp-9 kernel: AX25- ax25_release, 959, c73a6f68, c7673ac0
> Mar 30 17:01:58 f6bvp-9 kernel: AX25+ ax25_create, 866, c73a6f68, c7673ac0

Yes, if it's only like this, it's OK.
>
>
> Please excuse the following questions if you find they are too naive.
> Could you tell us how did you suspect ROSE socket from the data  
> collected ? and why improperly released ROSE sockets could interfere  
> with AX25 ?

No problem! Patch #3 added to "sk_ax25_debug =" sk->sk_family as the
2nd number, and 11 according to include/linux/socket.h means AF_ROSE.

sock_def_write() function in net/core/sock.c where the OOPs triggered
runs some cleaning on sockets when their skbs are kfreed, but this
shouldn't be done after socket had been closed (sock_orphan() removes
some pointers). When ROSE sends it's skbs with ax25_send_frame(), they
are added to AX25 queues, and kfreed after transmitting. If it's after
ROSE socket had been released, but not properly updated, the cleaning
is done on kfreed memory not used by the socket anymore.

Cheers,
Jarek P.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ