| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20110706.035735.1271031398642349034.davem@davemloft.net> Date: Wed, 06 Jul 2011 03:57:35 -0700 (PDT) From: David Miller <davem@...emloft.net> To: netdev@...r.kernel.org CC: ralf@...ux-mips.org, linux-hams@...r.kernel.org Subject: instant oops with AF_ROSE The support for ipv4 over rose devices has been broken for as long as the code has existed (I went back to 2.0.x just to make sure). Try this: modprobe rose ip link set rose0 up ip addr add 11.0.0.3/8 dev rose0 ping -b 11.255.255.255 That should crash your box pretty well. The immediate reason is that rose_rebuild_header() calls rose_route_frame() with second arg NULL. The first thing rose_route_frame() does is take that second arg and dereference it in order to find the appropriate rose neighbour to use. Again, it has "worked" this way since day one. Ie. it never worked. Since this has never worked, I think the thing to do is to simply remove all of the rose device code. It's only used to provide support for ipv4 over ROSE and it simply never worked. If someone wants to resurrect this, that's fine, but they'll have to implement proper header_ops and a real transmit function instead of the hacky thing it does now where it does the transmit in the header building routines :-/ -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists