Re: panic in skb_push via sctp
From: Robert ÅwiÄcki
Date: Mon Dec 01 2014 - 14:00:22 EST
2014-12-01 19:08 GMT+01:00 Daniel Borkmann <dborkman@xxxxxxxxxx>:
>
>> Thanks for looking into it. I can try with your patch, but no
>> guarantees that the fuzzer will hit the same condition in some
>> reasonable time-frame. Will get back in some time with results.
>
>
> Ok, thanks!
>
>> PS. If you think it's possible to create a repro (userland code) which
>> can trigger this, I can give it a try.
>
>
> Did by accident trinity create tunnels? It looks that upper layer
> protocols (except SCTP) all allocate and reserve MAX_HEADER to
> accommodate enough head room in worst case for possible tunnels.
Not sure, but I run it inside a pid/ipc/uts/etc/user-namespaces where
it operates with a full set of capabilities, so most of the SOCK_RAW
and tunnel-like-creating calls succeed, so maybe..
--
Robert ÅwiÄcki
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/