From: patchwork-bot+netdevbpf@kernel.org
To: Andy Roulin <aroulin@nvidia.com>
Cc: netdev@vger.kernel.org, pablo@netfilter.org,
kadlec@netfilter.org, roopa@nvidia.com, razor@blackwall.org,
davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
pabeni@redhat.com, shuah@kernel.org, idosch@nvidia.com,
petrm@nvidia.com
Subject: Re: [PATCH net 0/2] netfilter: br_netfilter: fix panic with metadata_dst skb
Date: Fri, 04 Oct 2024 19:10:34 +0000 [thread overview]
Message-ID: <172806903489.2708740.1274785740623551771.git-patchwork-notify@kernel.org> (raw)
In-Reply-To: <20241001154400.22787-1-aroulin@nvidia.com>
Hello:
This series was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@kernel.org>:
On Tue, 1 Oct 2024 08:43:58 -0700 you wrote:
> There's a kernel panic possible in the br_netfilter module when sending
> untagged traffic via a VxLAN device. Traceback is included below.
> This happens during the check for fragmentation in br_nf_dev_queue_xmit
> if the MTU on the VxLAN device is not big enough.
>
> It is dependent on:
> 1) the br_netfilter module being loaded;
> 2) net.bridge.bridge-nf-call-iptables set to 1;
> 3) a bridge with a VxLAN (single-vxlan-device) netdevice as a bridge port;
> 4) untagged frames with size higher than the VxLAN MTU forwarded/flooded
>
> [...]
Here is the summary with links:
- [net,1/2] netfilter: br_netfilter: fix panic with metadata_dst skb
https://git.kernel.org/netdev/net/c/f9ff7665cd12
- [net,2/2] selftests: add regression test for br_netfilter panic
https://git.kernel.org/netdev/net/c/bc4d22b72a2d
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
prev parent reply other threads:[~2024-10-04 19:10 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-01 15:43 [PATCH net 0/2] netfilter: br_netfilter: fix panic with metadata_dst skb Andy Roulin
2024-10-01 15:43 ` [PATCH net 1/2] " Andy Roulin
2024-10-03 12:12 ` Nikolay Aleksandrov
2024-10-01 15:44 ` [PATCH net 2/2] selftests: add regression test for br_netfilter panic Andy Roulin
2024-10-03 12:13 ` Nikolay Aleksandrov
2024-10-04 19:10 ` patchwork-bot+netdevbpf [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=172806903489.2708740.1274785740623551771.git-patchwork-notify@kernel.org \
--to=patchwork-bot+netdevbpf@kernel.org \
--cc=aroulin@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=idosch@nvidia.com \
--cc=kadlec@netfilter.org \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pablo@netfilter.org \
--cc=petrm@nvidia.com \
--cc=razor@blackwall.org \
--cc=roopa@nvidia.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.