Re: v3.10-rc7 oops soon after boot
From: Pablo Neira Ayuso
Date: Mon Jun 24 2013 - 11:10:42 EST
On Mon, Jun 24, 2013 at 01:34:41PM +0200, Pablo Neira Ayuso wrote:
> On Mon, Jun 24, 2013 at 05:52:08PM +0800, Gao feng wrote:
> > On 06/24/2013 05:41 PM, George Spelvin wrote:
> > >> Please try the patch below,
> > >> I think this bug is introduced by me :(
> > >>
> > >> Thanks!
> > >
> > > Well, you changed it, but it still crashes.
> > >
> > > It's now at del_timer+0x9/0x58, with the code being:
> >
> > This one should work.
> >
> > Thanks for your quickly reply.
>
> I managed to crash it using a group != 1 (default) and enabling
> batching:
>
> iptables -I INPUT -j ULOG --ulog-nlgroup 2 --ulog-qthresh 50
>
> It seems ulog->nlgroup[i] is always left unset.
>
> I have mangled your patch, find it attached.
> From 79da8ea854c06ca9320decbb2f9d2e8d25b2f7e5 Mon Sep 17 00:00:00 2001
> From: Gao feng <gaofeng@xxxxxxxxxxxxxx>
> Date: Mon, 24 Jun 2013 17:04:02 +0800
> Subject: [PATCH] netfilter: ipt_ULOG: fix incorrect setting of ulog timer
>
> The parameter of setup_timer should be &ulog->nlgroup[i].
> the incorrect parameter will cause kernel panic in
> ulog_timer.
>
> Bug introducted in commit 355430671ad93546b34b4e91bdf720f3a704efa4
> "netfilter: ipt_ULOG: add net namespace support for ipt_ULOG"
>
> ebt_ULOG doesn't have this problem.
>
> Reported-by: Borislav Petkov <bp@xxxxxxxxx>
> Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
I have applied the patch that I sent you.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/