lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 24 Aug 2010 21:19:59 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Plamen Petrov <pvp-lsts@...uni-ruse.bg>
Cc:	Jarek Poplawski <jarkao2@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org
Subject: Re: [Bugme-new] [Bug 16626] New: Machine hangs with EIP at
 skb_copy_and_csum_dev

Le mardi 24 août 2010 à 20:25 +0300, Plamen Petrov a écrit :
> Above patch applied, and happy to report the machine now spits data
> in the logs instead of oopsing. Here is what we have now: 
> [  707.276981] ---[ end trace 75e4f8534893c910 ]---
> [  707.376998] 100: csum_start 306, offset 16, headroom 390, headlen 70, 
> len 70
> [  707.477015] nr_frags=0 gso_size=0
> [  707.577031]
> [ 1021.032794] ---[ end trace 75e4f8534893c911 ]---
> [ 1021.132812] 100: csum_start 306, offset 16, headroom 390, headlen 153, 
> len 153
> [ 1021.232828] nr_frags=0 gso_size=0
> [ 1021.332844] 
> 

Thanks !

csum_offset = 16.

so its offsetof(struct tcphdr, check)

maybe a bug in net/ipv4/netfilter/nf_nat_helper.c ?

We should trace all spots where we set csum_start/csum_offset

Or/And trace the skb content.

Please add a :

print_hex_dump(KERN_ERR, "skb data:", DUMP_PREFIX_OFFSET, 
               16, 1, skb->head, skb_end_pointer(skb)-skb->head,true);


call in skb_csum_start_bug(), right after the pr_err("\n") and before
the "return 1;"


int skb_csum_start_bug(const struct sk_buff *skb, int pos)
{

        if (skb->ip_summed == CHECKSUM_PARTIAL) {
                long csstart;

                csstart = skb->csum_start - skb_headroom(skb);
                if (WARN_ON(csstart > skb_headlen(skb))) {
                        int i;

                        pr_err("%d: csum_start %u, offset %u, headroom %d, headlen %d, len %d\n",
                                   pos, skb->csum_start, skb->csum_offset, skb_headroom(skb),
                                   skb_headlen(skb), skb->len);
                        pr_err("nr_frags=%u gso_size=%u ",
                                        skb_shinfo(skb)->nr_frags,
                                        skb_shinfo(skb)->gso_size);
                        for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) {
                                pr_err("frag_size=%u ", skb_shinfo(skb)->frags[i].size);
                        }
                        pr_err("\n");
                        print_hex_dump(KERN_ERR, "skb data:", DUMP_PREFIX_OFFSET,
                                16, 1, skb->head, skb_end_pointer(skb) - skb->head, true);
                        return 1;
                }
        }
        return 0;
}


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ