Re: [PATCH] RDS: Fix rds-ping inducing kernel panic
From: Santosh Shilimkar
Date: Mon Jan 22 2018 - 17:26:05 EST
On 1/22/2018 2:17 PM, Kees Cook wrote:
On Tue, Jan 23, 2018 at 4:01 AM, Santosh Shilimkar
<santosh.shilimkar@xxxxxxxxxx> wrote:
On 1/22/2018 3:24 AM, Kees Cook wrote:
As described in: https://bugzilla.redhat.com/show_bug.cgi?id=822754
Attempting an RDS connection from the IP address of an IPoIB interface
to itself causes a kernel panic due to a BUG_ON() being triggered.
Making the test less strict allows rds-ping to work without crashing
the machine.
A local unprivileged user could use this flaw to crash the sytem.
Are you able to reproduce this issue on mainline kernel ?
IIRC, this sjouldn't happen anymore but if you see it, please
let me know. Will try it as well. rds-ping on self
loopback device is often tested and used as well for
monitoring services in production.
I don't have an RDS test setup, no. But it sounds like kernels without
this patch aren't seeing the problem.
Yep. Thats what I thought and hence asked.
Am not sure if its applicable anymore. Infact the issue with
loopback device was due to congestion update and thats been
already addressed with commit '18fc25c94: {rds: prevent BUG_ON
triggered on congestion update to loopback}'
That looks very much like it was fixed there. Thanks!
Yeah. Thanks Kees !!
Regards,
Santosh