lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 8 Nov 2015 14:51:01 +0100
From:	Gerhard Wiesinger <lists@...singer.com>
To:	Greg KH <gregkh@...uxfoundation.org>
Cc:	Willy Tarreau <w@....eu>,
	Linux Kernel Network Developers <netdev@...r.kernel.org>,
	netfilter-devel@...r.kernel.org, linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	torvalds@...ux-foundation.org, stable@...r.kernel.org, lwn@....net,
	Jiri Slaby <jslaby@...e.cz>
Subject: Re: Linux 4.2.4

On 25.10.2015 17:29, Greg KH wrote:
> On Sun, Oct 25, 2015 at 11:48:54AM +0100, Gerhard Wiesinger wrote:
>> On 25.10.2015 10:46, Willy Tarreau wrote:
>>> ipset *triggered* the problem. The whole stack dump would tell more.
>> OK, find the stack traces in the bug report:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1272645
>>
>> Kernel 4.1.10 triggered also a kernel dump when playing with ipset commands
>> and IPv6, details in the bug report  ....
>>
>>>> Kernel 4.2 seems to me not well tested in the netfilter parts at all
>>>> (Bug with already known bugfix
>>>> https://lists.debian.org/debian-kernel/2015/10/msg00034.html was
>>>> triggered on 2 of 3 of my machines, the new bug on 1 of 1 tested machine).
>>> There's a reason why Greg maintains stable and LTS kernels :-)
>> Stable kernels don't crash but definiton. :-)
>>
>> At least triggered 2 kernel panics in 5min, even with 4.1.10 and ipset
>> commands ...
> Does this happen also with Linus's tree?  I suggest you ask the
> networking developers about this on netdev@...r.kernel.org, there's
> nothing that I can do on my own about this, sorry.

Patch is now available, see:
[PATCH 0/3] ipset patches for nf
https://marc.info/?l=netfilter-devel&m=144690007708041&w=2
https://marc.info/?l=netfilter-devel&m=144690007808042&w=2
https://marc.info/?l=netfilter-devel&m=144690008608043&w=2
https://marc.info/?l=netfilter-devel&m=144690007708039&w=2
[ANNOUNCE] ipset 6.27 released
https://marc.info/?l=netfilter-devel&m=144690048308099&w=2

Requires also new userland ipset version.

Please integrate it upstream.

Thanx to Jozsef Kadlecsik for fixing it.

Ciao,
Gerhard

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists