Re: panic in skb_push via sctp

From: Robert ÅwiÄcki
Date: Mon Dec 01 2014 - 14:00:22 EST

Next message: David Herrmann: "Re: [PATCH] hid: export hid_report_len as an inline function in hid.h"
Previous message: Shaohua Li: "Re: [PATCH] blk-mq: don't use rw_is_sync() to determine sync request"
In reply to: Daniel Borkmann: "Re: panic in skb_push via sctp"
Next in thread: Daniel Borkmann: "Re: panic in skb_push via sctp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2014-12-01 19:08 GMT+01:00 Daniel Borkmann <dborkman@xxxxxxxxxx>:
>
>> Thanks for looking into it. I can try with your patch, but no
>> guarantees that the fuzzer will hit the same condition in some
>> reasonable time-frame. Will get back in some time with results.
>
>
> Ok, thanks!
>
>> PS. If you think it's possible to create a repro (userland code) which
>> can trigger this, I can give it a try.
>
>
> Did by accident trinity create tunnels? It looks that upper layer
> protocols (except SCTP) all allocate and reserve MAX_HEADER to
> accommodate enough head room in worst case for possible tunnels.

Not sure, but I run it inside a pid/ipc/uts/etc/user-namespaces where
it operates with a full set of capabilities, so most of the SOCK_RAW
and tunnel-like-creating calls succeed, so maybe..

--
Robert ÅwiÄcki
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Herrmann: "Re: [PATCH] hid: export hid_report_len as an inline function in hid.h"
Previous message: Shaohua Li: "Re: [PATCH] blk-mq: don't use rw_is_sync() to determine sync request"
In reply to: Daniel Borkmann: "Re: panic in skb_push via sctp"
Next in thread: Daniel Borkmann: "Re: panic in skb_push via sctp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]