Re: 2.6.8 + token buffer filter queue discipline causes kernel panic
From: Patrick McHardy
Date: Mon Aug 23 2004 - 13:47:39 EST
Richard Wohlstadter wrote:
Hello,
I have 2.6.8 running on my firewall which uses basic NAT masquerading
iptables rules. I recently added a token buffer filter to limit my
outgoing bandwidth. As soon as I add the tbf with the tc utility it
causes a kernel panic. I backed down to the 2.6.7 kernel(latest
debian compiled) and the kernel panic does not occur. Is this a known
issue with 2.6.8 or should I run the oops through ksymoops and further
debug the issue. Thanks.
Already fixed, should be in -bk soon.
Regards
Patrick
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/08/15 19:33:16-07:00 kaber@xxxxxxxxx
# [PKT_SCHED]: cacheline-align qdisc data in qdisc_create()
#
# Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
# Signed-off-by: David S. Miller <davem@xxxxxxxxxx>
#
# net/sched/sch_api.c
# 2004/08/15 19:32:59-07:00 kaber@xxxxxxxxx +13 -8
# [PKT_SCHED]: cacheline-align qdisc data in qdisc_create()
#
# Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
# Signed-off-by: David S. Miller <davem@xxxxxxxxxx>
#
diff -Nru a/net/sched/sch_api.c b/net/sched/sch_api.c
--- a/net/sched/sch_api.c 2004-08-23 19:06:53 +02:00
+++ b/net/sched/sch_api.c 2004-08-23 19:06:53 +02:00
@@ -389,7 +389,8 @@
{
int err;
struct rtattr *kind = tca[TCA_KIND-1];
- struct Qdisc *sch = NULL;
+ void *p = NULL;
+ struct Qdisc *sch;
struct Qdisc_ops *ops;
int size;
@@ -407,12 +408,18 @@
if (ops == NULL)
goto err_out;
- size = sizeof(*sch) + ops->priv_size;
+ /* ensure that the Qdisc and the private data are 32-byte aligned */
+ size = ((sizeof(*sch) + QDISC_ALIGN_CONST) & ~QDISC_ALIGN_CONST);
+ size += ops->priv_size + QDISC_ALIGN_CONST;
- sch = kmalloc(size, GFP_KERNEL);
+ p = kmalloc(size, GFP_KERNEL);
err = -ENOBUFS;
- if (!sch)
+ if (!p)
goto err_out;
+ memset(p, 0, size);
+ sch = (struct Qdisc *)(((unsigned long)p + QDISC_ALIGN_CONST)
+ & ~QDISC_ALIGN_CONST);
+ sch->padded = (char *)sch - (char *)p;
/* Grrr... Resolve race condition with module unload */
@@ -420,8 +427,6 @@
if (ops != qdisc_lookup_ops(kind))
goto err_out;
- memset(sch, 0, size);
-
INIT_LIST_HEAD(&sch->list);
skb_queue_head_init(&sch->q);
@@ -470,8 +475,8 @@
err_out:
*errp = err;
- if (sch)
- kfree(sch);
+ if (p)
+ kfree(p);
return NULL;
}