Re: panic in skb_push via sctp

From: Daniel Borkmann
Date: Mon Dec 01 2014 - 14:14:33 EST

Next message: Paul E. McKenney: "Re: frequent lockups in 3.18rc4"
Previous message: Boris Brezillon: "[PATCH] mtd: gpmi: properly handle bitflips in erased pages"
In reply to: Robert ÅwiÄcki: "Re: panic in skb_push via sctp"
Next in thread: Robert ÅwiÄcki: "Re: panic in skb_push via sctp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/01/2014 08:00 PM, Robert ÅwiÄcki wrote:

2014-12-01 19:08 GMT+01:00 Daniel Borkmann <dborkman@xxxxxxxxxx>:

Thanks for looking into it. I can try with your patch, but no
guarantees that the fuzzer will hit the same condition in some
reasonable time-frame. Will get back in some time with results.

Ok, thanks!

PS. If you think it's possible to create a repro (userland code) which
can trigger this, I can give it a try.

Did by accident trinity create tunnels? It looks that upper layer
protocols (except SCTP) all allocate and reserve MAX_HEADER to
accommodate enough head room in worst case for possible tunnels.

Not sure, but I run it inside a pid/ipc/uts/etc/user-namespaces where
it operates with a full set of capabilities, so most of the SOCK_RAW
and tunnel-like-creating calls succeed, so maybe..

Ok thanks, can you post your .config?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Paul E. McKenney: "Re: frequent lockups in 3.18rc4"
Previous message: Boris Brezillon: "[PATCH] mtd: gpmi: properly handle bitflips in erased pages"
In reply to: Robert ÅwiÄcki: "Re: panic in skb_push via sctp"
Next in thread: Robert ÅwiÄcki: "Re: panic in skb_push via sctp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]