From: Patrick McHardy <kaber@trash.net>
To: Eric Paris <eparis@redhat.com>
Cc: netfilter-devel@vger.kernel.org, netfilter@vger.kernel.org,
coreteam@netfilter.org, netdev@vger.kernel.org,
davem@davemloft.net, jengelh@medozas.de, paul.moore@hp.com,
jmorris@namei.org
Subject: Re: [PATCH] secmark: do not return early if there was no error
Date: Fri, 15 Oct 2010 17:08:26 +0200 [thread overview]
Message-ID: <4CB86E6A.1040807@trash.net> (raw)
In-Reply-To: <20101013202105.15011.60553.stgit@paris.rdu.redhat.com>
Am 13.10.2010 22:21, schrieb Eric Paris:
> Commit 4a5a5c73 attempted to pass decent error messages back to userspace for
> netfilter errors. In xt_SECMARK.c however the patch screwed up and returned
> on 0 (aka no error) early and didn't finish setting up secmark. This results
> in a kernel BUG if you use SECMARK.
>
> ------------[ cut here ]------------
> kernel BUG at net/netfilter/xt_SECMARK.c:38!
> invalid opcode: 0000 [#1] SMP
> last sysfs file: /sys/devices/system/cpu/cpu2/cache/index2/shared_cpu_map
> CPU 0
> Modules linked in: xt_SECMARK iptable_mangle nfs lockd fscache nfs_acl
> auth_rpcgss sunrpc ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables
> uinput virtio_net virtio_balloon i2c_piix4 i2c_core joydev microcode ipv6
> virtio_blk virtio_pci virtio_ring virtio [last unloaded: speedstep_lib]
>
> ...
> RIP [<ffffffffa022117d>] secmark_tg+0x17/0x2e [xt_SECMARK]
> RSP <ffff880003e03a40>
> ---[ end trace 9aa5d06a71143e74 ]---
>
> Signed-off-by: Eric Paris <eparis@redhat.com>
> Acked-by: Paul Moore <paul.moore@hp.com>
> Acked-by: James Morris <jmorris@namei.org>
Acked-by: Patrick McHardy <kaber@trash.net>
I'll leave it up to Dave whether this can still go into 2.6.36.
next prev parent reply other threads:[~2010-10-15 15:08 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-13 20:21 [PATCH] secmark: do not return early if there was no error Eric Paris
2010-10-15 15:08 ` Patrick McHardy [this message]
2010-10-18 22:48 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CB86E6A.1040807@trash.net \
--to=kaber@trash.net \
--cc=coreteam@netfilter.org \
--cc=davem@davemloft.net \
--cc=eparis@redhat.com \
--cc=jengelh@medozas.de \
--cc=jmorris@namei.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
--cc=paul.moore@hp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.