lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Feb 2014 02:04:57 -0800 (PST) From: François-Xavier Le Bail <fx.lebail@...oo.com> To: "nicolas.dichtel@...nd.com" <nicolas.dichtel@...nd.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Cc: David Stevens <dlstevens@...ibm.com>, Bill Fink <billfink@...dspring.com>, Hannes Frederic Sowa <hannes@...essinduktion.org>, "David S. Miller" <davem@...emloft.net>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, James Morris <jmorris@...ei.org>, Hideaki Yoshifuji <yoshfuji@...ux-ipv6.org>, Patrick McHardy <kaber@...sh.net> Subject: Re: [PATCH net-next v2] ipv6: enable anycast addresses as source addresses in ICMPv6 error messages > From: Nicolas Dichtel <nicolas.dichtel@...nd.com> > To: François-Xavier Le Bail <fx.lebail@...oo.com>; "netdev@...r.kernel.org" <netdev@...r.kernel.org> > Cc: David Stevens <dlstevens@...ibm.com>; Bill Fink <billfink@...dspring.com>; Hannes Frederic Sowa <hannes@...essinduktion.org>; David S. Miller <davem@...emloft.net>; Alexey Kuznetsov <kuznet@....inr.ac.ru>; James Morris <jmorris@...ei.org>; Hideaki Yoshifuji <yoshfuji@...ux-ipv6.org>; Patrick McHardy <kaber@...sh.net> > Sent: Friday, February 7, 2014 10:33 AM > Subject: Re: [PATCH net-next v2] ipv6: enable anycast addresses as source addresses in ICMPv6 error messages > > Le 06/02/2014 15:30, François-Xavier Le Bail a écrit : > >>> From: Nicolas Dichtel <nicolas.dichtel@...nd.com> >> >>> To: François-Xavier Le Bail <fx.lebail@...oo.com>; > "netdev@...r.kernel.org" <netdev@...r.kernel.org> >>> Cc: David Stevens <dlstevens@...ibm.com>; Bill Fink > <billfink@...dspring.com>; Hannes Frederic Sowa > <hannes@...essinduktion.org>; David S. Miller <davem@...emloft.net>; > Alexey Kuznetsov <kuznet@....inr.ac.ru>; James Morris > <jmorris@...ei.org>; Hideaki Yoshifuji <yoshfuji@...ux-ipv6.org>; > Patrick McHardy <kaber@...sh.net> >>> Sent: Thursday, February 6, 2014 3:01 PM >>> Subject: Re: [PATCH net-next v2] ipv6: enable anycast addresses as > source addresses in ICMPv6 error messages >>> >>> Le 06/02/2014 13:38, François-Xavier Le Bail a écrit : >>>>> From: Nicolas Dichtel <nicolas.dichtel@...nd.com> >>>> >>>> >>>>> Subject: Re: [PATCH net-next v2] ipv6: enable anycast > addresses as >>> source addresses in ICMPv6 error messages >>>>> >>>>> Le 19/01/2014 17:00, Francois-Xavier Le Bail a écrit : >>>>> >>>>>> - Uses ipv6_anycast_destination() in icmp6_send(). >>>>>> >>>>>> Suggested-by: Bill Fink <billfink@...dspring.com> >>>>>> Signed-off-by: Francois-Xavier Le Bail >>> <fx.lebail@...oo.com> >>>>> This patch causes an Oops on my target. >>>> >>>> What is your target ? >>> x86 32bits >>> >>>> >>>>> Here is the step to reproduce it: >>>>> modprobe sit >>>>> ip link add sit1 type sit remote 10.16.0.121 local > 10.16.0.249 >>>>> ip l s sit1 up >>>>> ip -6 a a dev sit1 2001:1234::123 remote 2001:1234::121 >>>>> ping6 2001:1234::121 >>>> >>>> I cannot reproduce this in my target (updated net-next x86_64) > and >>>> iproute2 from git. >>> I use linus tree (3.14-rc1+). >>> >>>> Can you send me your config file ? >>> See attachment. >>> >>> >>>> >>>>> The problem is that ipv6_anycast_destination() uses > unconditionally >>>>> skb_dst(skb), which is NULL in this case. >>>>> >>>>> Not sure what is the best way to fix this, any suggestions? >>>> >>>> I will try to reproduce first and see. >>> Note that the peer was not set up, hence the ping didn't work. >>> ipip6_err() calls ipip6_err_gen_icmpv6_unreach() which will drop the > dst >>> before calling icmpv6_send(). >>> >>> >>> Here is the backtrace: >>> [ 387.786155] BUG: unable to handle kernel NULL pointer dereference at > 00000096 >>> [ 387.787291] IP: [<c12f1568>] icmp6_send+0x79/0x596 >> >> [...] >> >>> [ 387.790055] [<f85ce03b>] ? tunnel64_err+0x16/0x25 [tunnel4] >> >> Thanks for these informations. >> >> Can you test an alternative replacing: >> >> test on: ipv6_anycast_destination(skb) >> by >> test on: ipv6_chk_acast_addr_src(net, skb->dev, &hdr->daddr) > It's ok with this function. Do you submit the corresponding patch? Yes, thanks you for the report and the tests. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists