From: Florian Westphal <fw@strlen.de>
To: Naresh Kamboju <naresh.kamboju@linaro.org>
Cc: open list <linux-kernel@vger.kernel.org>,
	selinux@vger.kernel.org,
	Linux-Next Mailing List <linux-next@vger.kernel.org>,
	Netdev <netdev@vger.kernel.org>,
	lkft-triage@lists.linaro.org, Florian Westphal <fw@strlen.de>,
	Paul Moore <paul@paul-moore.com>,
	Eric Paris <eparis@parisplace.org>,
	Stephen Smalley <stephen.smalley.work@gmail.com>,
	Stephen Rothwell <sfr@canb.auug.org.au>
Subject: Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat
Date: Tue, 19 Oct 2021 15:10:49 +0200
Message-ID: <20211019131049.GE28644@breakpoint.cc>
In-Reply-To: <CA+G9fYuY3BJ9osvhwg0-YG=L+etgCBfCq0koC9BEkvK8-GR3ew@mail.gmail.com>

Naresh Kamboju <naresh.kamboju@linaro.org> wrote:
> Following kernel crash noticed on linux next 20211019 tag.
> on x86, i386 and other architectures.

Paul, this might be caused by
1d1e1ded13568be81a0e19d228e310a48997bec8
("selinux: make better use of the nf_hook_state passed to the NF
 hooks"), in particular this hunk here:

-       if (sk == NULL)
+       if (state->sk == NULL)
                return NF_ACCEPT;
+       sk = skb_to_full_sk(skb);
        sksec = sk->sk_security;
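
Review bot: the NULL test at `if (state->sk == NULL)` guards a different pointer from the one dereferenced at `sksec = sk->sk_security;`. After this change `sk` is assigned from `skb_to_full_sk(skb)` below the check and is never tested before the dereference, so a NULL return there is not caught. Check the value that is actually dereferenced, that is, assign `sk` first and test `sk` itself.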

state->sk might not be related to skb->sk.
I suspect that this should instead be:

+       sk = skb_to_full_sk(skb);
        if (sk == NULL)
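
Review bot: with the assignment placed above `if (sk == NULL)`, the check covers the pointer that is dereferenced, but `state->sk` is no longer consulted at this point. A short comment saying why the socket derived from the skb, and not `state->sk`, is the one to test would help, given that the two may be unrelated.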

See 7026b1ddb6b8d4e6ee33dc2bd06c0ca8746fa7ab for the origin of this
additional socket pointer.

