lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <80769D7B14936844A23C0C43D9FBCF0F254E49A854@orsmsx501.amr.corp.intel.com>
Date:	Tue, 23 Mar 2010 11:32:19 -0700
From:	"Duyck, Alexander H" <alexander.h.duyck@...el.com>
To:	David Miller <davem@...emloft.net>,
	"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>
CC:	"kaber@...sh.net" <kaber@...sh.net>,
	"Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>,
	"Brandeburg, Jesse" <jesse.brandeburg@...el.com>,
	"Allan, Bruce W" <bruce.w.allan@...el.com>,
	"Waskiewicz Jr, Peter P" <peter.p.waskiewicz.jr@...el.com>,
	"bugzilla-daemon@...zilla.kernel.org" 
	<bugzilla-daemon@...zilla.kernel.org>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	"stivi@...y.pl" <stivi@...y.pl>
Subject: RE: [Bug 15582] New: BUG: unable to handle kernel NULL pointer
 dereference at 0000000000000028

David Miller wrote:
> From: Andrew Morton <akpm@...ux-foundation.org>
> Date: Mon, 22 Mar 2010 16:14:16 -0700
> 
>> 
>> (switched to email.  Please respond via emailed reply-to-all, not
>> via the bugzilla web interface). 
>> 
>> On Fri, 19 Mar 2010 12:01:10 GMT
>> bugzilla-daemon@...zilla.kernel.org wrote:
>> 
>>> http://bugzilla.kernel.org/show_bug.cgi?id=15582
>>> 
>>>            Summary: BUG: unable to handle kernel NULL pointer
>>>                     dereference at 0000000000000028
>> 
>> A bug in igb or the vlan code, I guess.
> 
> Hmmm, should have been fixed by:
> 
> commit d1c76af9e2434fac3add561e26c61b06503de986
> Author: Herbert Xu <herbert@...dor.apana.org.au>
> Date:   Mon Mar 16 10:50:02 2009 -0700
> 
>     GRO: Move netpoll checks to correct location
> 
> 
> ...
> 
> Nevermind, the backtrace signature is different for this
> one.

Actually I think this may be a bug in igb_receive_skb.  My guess would be that promiscuous mode is somehow being enabled which is turning off the vlan filtering and as a result we are probably picking up vlan traffic when we have no vlans registered.  The null pointer in that case would be adapter->vlgrp.

The patch below should address it.  However I suspect it will get mangled by our email system here so I don't believe it will apply.  I have also sent a copy of to Jeff to pull into his tree for testing and submission.

Thanks,

Alex

---

This change makes it so that vlan_gro_receive is only used if vlans have been
registered to the adapter structure.  Previously we were just sending all vlan
tagged frames in via this function but this results in a null pointer
dereference when vlans are not registered.

Signed-off-by: Alexander Duyck <alexander.h.duyck@...el.com>
---

 drivers/net/igb/igb_main.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


diff --git a/drivers/net/igb/igb_main.c b/drivers/net/igb/igb_main.c
index 45a0e4f..7855f71 100644
--- a/drivers/net/igb/igb_main.c
+++ b/drivers/net/igb/igb_main.c
@@ -5110,7 +5110,7 @@ static void igb_receive_skb(struct igb_q_vector *q_vector,
 {
 	struct igb_adapter *adapter = q_vector->adapter;
 
-	if (vlan_tag)
+	if (vlan_tag && adapter->vlgrp)
 		vlan_gro_receive(&q_vector->napi, adapter->vlgrp,
 		                 vlan_tag, skb);
 	else--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ