netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* stable regression: revert request for netfilter ipv6 defrag bug
@ 2018-10-24 10:31 Florian Westphal
  2018-10-31 15:07 ` Sasha Levin
  0 siblings, 1 reply; 2+ messages in thread
From: Florian Westphal @ 2018-10-24 10:31 UTC (permalink / raw)
  To: stable; +Cc: netfilter-devel

Hi,

please consider reverting

commit 84379c9afe011020e797e3f50a662b08a6355dcf
netfilter: ipv6: nf_defrag: drop skb dst before queueing

It causes kernel crash for locally generated ipv6 fragments
when netfilter ipv6 defragmentation is used.

The faulty commit is not essential for -stable, it only
delays netns teardown for longer than needed when that netns
still has ipv6 frags queued.  Much better than crash :-/

commit ids are:
4.4.y: not affected (not backported)
4.9.y: backported as ad8b1ffc3efae2f65080bdb11145c87d299b8f9a
4.14.y: backported as 28c74ff85efd192aeca9005499ca50c24d795f61
4.18.y: (first affected kernel): 84379c9afe011020e797e3f50a662b08a6355dcf

For 4.19.y, you could also wait for a bug fix to hit Linus tree,
I can ping you again once its in:
https://patchwork.ozlabs.org/patch/988233/

Thanks,
Florian

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: stable regression: revert request for netfilter ipv6 defrag bug
  2018-10-24 10:31 stable regression: revert request for netfilter ipv6 defrag bug Florian Westphal
@ 2018-10-31 15:07 ` Sasha Levin
  0 siblings, 0 replies; 2+ messages in thread
From: Sasha Levin @ 2018-10-31 15:07 UTC (permalink / raw)
  To: Florian Westphal; +Cc: stable, netfilter-devel

On Wed, Oct 24, 2018 at 12:31:04PM +0200, Florian Westphal wrote:
>Hi,
>
>please consider reverting
>
>commit 84379c9afe011020e797e3f50a662b08a6355dcf
>netfilter: ipv6: nf_defrag: drop skb dst before queueing
>
>It causes kernel crash for locally generated ipv6 fragments
>when netfilter ipv6 defragmentation is used.
>
>The faulty commit is not essential for -stable, it only
>delays netns teardown for longer than needed when that netns
>still has ipv6 frags queued.  Much better than crash :-/
>
>commit ids are:
>4.4.y: not affected (not backported)
>4.9.y: backported as ad8b1ffc3efae2f65080bdb11145c87d299b8f9a
>4.14.y: backported as 28c74ff85efd192aeca9005499ca50c24d795f61
>4.18.y: (first affected kernel): 84379c9afe011020e797e3f50a662b08a6355dcf
>
>For 4.19.y, you could also wait for a bug fix to hit Linus tree,
>I can ping you again once its in:
>https://patchwork.ozlabs.org/patch/988233/

I've queued a revert for 4.18, 4.14, and 4.9. Thank you.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-10-31 15:07 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-24 10:31 stable regression: revert request for netfilter ipv6 defrag bug Florian Westphal
2018-10-31 15:07 ` Sasha Levin

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).