Re: 3.16/3.16.1: Kernel Oops in nft_do_chain

From: leroy christophe
Date: Tue Sep 02 2014 - 12:45:08 EST

Next message: Paolo Bonzini: "Re: [PATCH 2/4] KVM: nSVM: propagate the NPF EXITINFO to the guest"
Previous message: David Matlack: "Re: [PATCH 2/3] kvm: fix potentially corrupt mmio cache"
In reply to: Pablo Neira Ayuso: "Re: 3.16/3.16.1: Kernel Oops in nft_do_chain"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Le 02/09/2014 12:41, Pablo Neira Ayuso a écrit :

On Tue, Sep 02, 2014 at 12:14:27PM +0200, leroy christophe wrote:

Calling 'iptables-compat -L', first time nothing is listed on the screen.
Second try, it generates following Oops.

I'm going to pass this patch to -stable asap:

commit b88825de8545ad252c31543fef13cadf4de7a2bc
Author: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Date: Tue Aug 5 17:25:59 2014 +0200

netfilter: nf_tables: don't update chain with unset counters
Fix possible replacement of the per-cpu chain counters by null
pointer when updating an existing chain in the commit path.
Reported-by: Matteo Croce <technoboy85@xxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>

I think it's the root cause for this problem.

Thanks, it does fix the Oops I had.

Christophe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Paolo Bonzini: "Re: [PATCH 2/4] KVM: nSVM: propagate the NPF EXITINFO to the guest"
Previous message: David Matlack: "Re: [PATCH 2/3] kvm: fix potentially corrupt mmio cache"
In reply to: Pablo Neira Ayuso: "Re: 3.16/3.16.1: Kernel Oops in nft_do_chain"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]