lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20130529225419.GA6475@verge.net.au>
Date:	Thu, 30 May 2013 07:54:22 +0900
From:	Simon Horman <horms@...ge.net.au>
To:	Olof Johansson <olof@...om.net>
Cc:	dev <dev@...nvswitch.org>,
	Network Development <netdev@...r.kernel.org>,
	Jesse Gross <jesse@...ira.com>,
	Pravin B Shelar <pshelar@...ira.com>,
	"jarno.rajahalme" <jarno.rajahalme@....com>,
	Eric Dumazet <eric.dumazet@...il.com>,
	Maciej Żenczykowski <maze@...gle.com>,
	David Miller <davem@...emloft.net>
Subject: Re: [PATCH net-next v5 1/2] net: Use 16bits for *_headers fields of
 struct skbuff

On Wed, May 29, 2013 at 02:46:05PM -0700, Olof Johansson wrote:
> Sorry, that was not a great bug report.
> 
> So, looks like it's the removal of NET_SKBUFF_DATA_USES_OFFSET that
> does it for me.
> 
> The devices I've seen it with are with asix usb-ethernet adapters (on
> Tegra seaboard) and with mv643xx_eth on cubox (dove).
> 
> I'll try to get a better stacktrace out of it. Simon, maybe you can
> reproduce on shmobile hardware?

Sure, I will try and reproduce it.

I did subsequently post some fixes for fallout resulting from
the patch listed below. Those changes are now net-next.
Are you seeing the crash with those patches?

The fix-up patches are:

net,ipv4,ipv6: Correct assignment of skb->network_header to skb->tail
sctp: Correct access to skb->{network,transport}_header
ipv4: Correct comparisons and calculations using skb->tail and skb-transport_header
ipv6: Correct comparisons and calculations using skb->tail and skb-transport_header
net: Correct comparisons and calculations using skb->tail and skb-transport_header
cxgb3: Correct comparisons and calculations using skb->tail and skb-transport_header
isdn: Correct comparison of skb->tail and skb-transport_header
net: Fix build warnings after mac_header and transport_header became __u16.


> 
> 
> 
> On Wed, May 29, 2013 at 2:21 PM, Olof Johansson <olof@...om.net> wrote:
> > Simon,
> >
> > On Thu, May 23, 2013 at 11:51 PM, Simon Horman <horms@...ge.net.au> wrote:
> >> In order to mitigate ongoing incresase in the size of struct skbuff
> >> use 16 bit integer offsets rather than pointers for inner_*_headers.
> >>
> >> This appears to reduce the size of struct skbuff from 0xd0 to 0xc0
> >> bytes on x86_64 with the following all unset.
> >>
> >>         CONFIG_XFRM
> >>         CONFIG_NF_CONNTRACK
> >>         CONFIG_NF_CONNTRACK_MODULE
> >>         NET_SKBUFF_NF_DEFRAG_NEEDED
> >>         CONFIG_BRIDGE_NETFILTER
> >>         CONFIG_NET_SCHED
> >>         CONFIG_IPV6_NDISC_NODETYPE
> >>         CONFIG_NET_DMA
> >>         CONFIG_NETWORK_SECMARK
> >>
> >> Signed-off-by: Simon Horman <horms@...ge.net.au>
> >
> > I'm getting crashes in csum_partial() on several ARM platforms that I
> > bisected down to this patch (and reverting this + "MPLS:
> > Add limited GSO support" due to conflicts) results in a working kernel.
> >
> > The failures started with the 0529 linux-next, didn't exist in 0528.
> >
> > Unfortunately I'm not getting a useful stack from the crashes:
> >
> > [    6.495560] Unable to handle kernel paging request at virtual
> > address eb000000
> > [    6.502769] pgd = e9084000
> > [    6.505465] [eb000000] *pgd=00000000
> > [    6.509034] Internal error: Oops: 5 [#1] PREEMPT SMP ARM
> > [    6.514329] Modules linked in:
> > [    6.517378] CPU: 0 PID: 0 Comm: swapper/0 Not tainted
> > 3.10.0-rc2-00483-g1a37e41 #27
> > [    6.525015] task: c06e1980 ti: c06d6000 task.ti: c06d6000
> > [    6.530402] PC is at csum_partial+0x40/0x130
> > [    6.534658] LR is at 0x0
> > [    6.537181] pc : [<c01e3150>]    lr : [<00000000>]    psr: 000f0113
> > [    6.537181] sp : c06d7d88  ip : e700c060  fp : c06d80c0
> > [    6.548631] r10: e90e2140  r9 : e9006050  r8 : 00000001
> > [    6.553839] r7 : e9006020  r6 : e9b7e400  r5 : 00000000  r4 : 00000000
> > [    6.560348] r3 : 00000000  r2 : 73129f9e  r1 : e900601c  r0 : eb000000
> > [    6.566857] Flags: nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM
> > Segment kernel
> > [    6.574146] Control: 10c5387d  Table: 2908404a  DAC: 00000015
> > [    6.579874] Process swapper/0 (pid: 0, stack limit = 0xc06d6238)
> > [    6.585862] Stack: (0xc06d7d88 to 0xc06d8000)
> > [    6.590207] 7d80:                   c0714fc0 e900601c e9006050
> > c043a0b8 00000000 e92737b0
> > [    6.598365] 7da0: e9273740 c043c1d4 c0010208 c0f83cc0 c06d4cc0
> > c0f83cc0 00000000 e9b32000
> > [    6.606523] 7dc0: c06d4cc0 00000001 c06d80c0 e9273758 00989680
> > 00000000 00000001 e9b7aec0
> > [    6.614680] 7de0: 00000000 e90e2140 e9b7af30 e9b7e400 e9b7e490
> > 00000000 00000001 c043c5d4
> > [    6.622838] 7e00: 00000001 7cdfa980 00000001 e9b7e458 c06d6000
> > 00000101 c06d6030 c043c414
> > [    6.630995] 7e20: 00200200 00000000 c06d80c0 c002fbe8 00000002
> > 7c4716e8 e9b7e458 c073fb80
> > [    6.639153] 7e40: c043c414 e9b7e400 c06d7e68 c002fde8 00000000
> > c0f82678 00000000 c0740394
> > [    6.647310] 7e60: c0740594 c0740794 c06d7e68 c06d7e68 00000006
> > 00000001 00000004 c06d8088
> > [    6.655468] 7e80: c06d8080 c06d6000 00000001 00000004 00000101
> > c002a57c 7c4716e8 00000001
> > [    6.663625] 7ea0: c06d37e0 00000000 c073f940 c06d80c0 ffff8d4f
> > c06e4970 00200000 c06d6018
> > [    6.671783] 7ec0: c02025e8 c06d6028 0000001d 00000000 fe000100
> > 00000000 00000000 c06d6000
> > [    6.679940] 7ee0: c06de42c c002a9a4 c06d3fac c000eaa0 fe00010c
> > c06df074 c06d7f18 c00086f8
> > [    6.688098] 7f00: c0061288 c032b560 600f0013 ffffffff c06d7f4c
> > c000de60 c06d7f60 00000006
> > [    6.696255] 7f20: 7c471300 00000001 7c3bbca8 00000001 c0f83110
> > c06e3cd4 00000000 00000000
> > [    6.704413] 7f40: c06d6000 c06de42c 00000015 c06d7f60 c0061288
> > c032b560 600f0013 ffffffff
> > [    6.712571] 7f60: 7c471300 00000001 c0765ac8 c04fe16c c0f83110
> > c0765ac8 00000000 c06e3cd4
> > [    6.720728] 7f80: 00000000 c032b6b8 00004c9c c071ddc7 c06de490
> > c04fe16c c06d6000 c071ddc7
> > [    6.728886] 7fa0: c06d6000 c000edb4 00004c9c c0060b3c c04fe5fc
> > c0f7f9c0 00000000 c069f828
> > [    6.737043] 7fc0: ffffffff ffffffff c069f2e8 00000000 00000000
> > c06cbac0 00000000 10c5387d
> > [    6.745200] 7fe0: c06de3f4 c06cbabc c06e28e4 0000406a 411fc090
> > 00008074 00000000 00000000
> > [    6.753359] Code: e0b22003 e0b22004 e0b22005 e0b2200e (e8b04038)
> > [    6.759438] ---[ end trace 40c34f89615c2c53 ]---
> > [    6.764041] Kernel panic - not syncing: Fatal exception in interrupt
> > [    6.770386] CPU1: stopping
> > [    6.773086] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G      D
> > 3.10.0-rc2-00483-g1a37e41 #27
> >
> >
> > -Olof
> 
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ