Re: kernel BUG at net/core/skbuff.c in linux-2.6.21-rc6

From: Paul Mackerras
Date: Sat Apr 14 2007 - 12:50:03 EST

Next message: Jiri Slaby: "Re: [RFC 1/1] Char: mxser_new, fix recursive locking"
Previous message: Gene Heskett: "What the heck?"
In reply to: Herbert Xu: "Re: kernel BUG at net/core/skbuff.c in linux-2.6.21-rc6"
Next in thread: David Miller: "Re: kernel BUG at net/core/skbuff.c in linux-2.6.21-rc6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Miller writes:

> > It seems we fail to reserve enough headroom for the case
> > buf[0] == PPP_ALLSTATIONS and buf[1] != PPP_UI.
> >
> > Can you try this patch please?
>
> Any confirmation of this fix yet?

Indeed, ppp_async doesn't handle that case correctly.

RFC 1662 says:

The Control field is a single octet, which contains the binary
sequence 00000011 (hexadecimal 0x03), the Unnumbered Information
(UI) command with the Poll/Final (P/F) bit set to zero.

The use of other Control field values may be defined at a later
time, or by prior agreement. Frames with unrecognized Control
field values SHOULD be silently discarded.

In what situation were we getting the frames that cause the problem?

I didn't see the patch (the message that this is a reply to is the
first one that I have seen in this thread), so I can't comment on it.

Paul.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jiri Slaby: "Re: [RFC 1/1] Char: mxser_new, fix recursive locking"
Previous message: Gene Heskett: "What the heck?"
In reply to: Herbert Xu: "Re: kernel BUG at net/core/skbuff.c in linux-2.6.21-rc6"
Next in thread: David Miller: "Re: kernel BUG at net/core/skbuff.c in linux-2.6.21-rc6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]