| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110927202405.GB27713@redhat.com>
Date: Tue, 27 Sep 2011 16:24:05 -0400
From: Dave Jones <davej@...hat.com>
To: David Miller <davem@...emloft.net>
Cc: netdev@...r.kernel.org
Subject: Re: __pskb_pull_tail oops from 2.6.35
On Tue, Sep 27, 2011 at 04:18:48PM -0400, David Miller wrote:
> From: Dave Jones <davej@...hat.com>
> Date: Tue, 27 Sep 2011 16:15:00 -0400
>
> > It looks like it died in put_page..
> >
> > <1>[ 262.574991] IP: [<ffffffff810dca57>] put_page+0x10/0x7c
> >
> > which is only called in one place..
> >
> > 1267 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) {
> > 1268 if (skb_shinfo(skb)->frags[i].size <= eat) {
> > 1269 put_page(skb_shinfo(skb)->frags[i].page);
> > 1270 eat -= skb_shinfo(skb)->frags[i].size;
> > 1271 } else {
>
> That's a pretty serious corruption, all frag array entries from 0 to
> nr_frags should have valid, non-NULL page pointers.
>
> Maybe a LRO/GRO bug? There were a couple of those.
I'll see if I can talk him into trying a self-built kernel, as we're not
rebasing f14 at this point in its life-cycle. If it turns out to still affect
3.x, I'll bring it up again.
Dave
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists