Hardy: [NETFILTER]: {ip,ip6,nfnetlink}_queue: fix SKB_LINEAR_ASSERT when mangling packet data

Bug #236699 reported by yanaventer
12
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Unassigned
Hardy
Fix Released
Medium
Tim Gardner

Bug Description

A patch in the linux kernel from a while back hasn't made it into the Ubuntu kernel.

http://lkml.org/lkml/2008/3/21/449

If you check the sources it hasn't been applied but its in the main kernel since 2.6.23

Revision history for this message
Nick Ellery (nick.ellery) wrote :

Package set to linux.

Revision history for this message
Leann Ogasawara (leannogasawara) wrote :

Hi yanaventer,

Looks like this patch has made it's way into the Intrepid kernel. I'll open a Hardy nomination for them to consider backporting. Thanks.

ogasawara@yoji:~/ubuntu-intrepid$ git log -p e2b58a67b91dec07dfb40ca2056c64011ce8489d
commit e2b58a67b91dec07dfb40ca2056c64011ce8489d
Author: Patrick McHardy <email address hidden>
Date: Tue Feb 19 17:17:52 2008 -0800

    [NETFILTER]: {ip,ip6,nfnetlink}_queue: fix SKB_LINEAR_ASSERT when mangling packet data

Changed in linux:
status: New → Fix Released
assignee: nobody → ubuntu-kernel-team
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
Tim Gardner (timg-tpi) wrote :
Changed in linux:
assignee: ubuntu-kernel-team → timg-tpi
milestone: none → ubuntu-8.04.2
status: Triaged → Fix Committed
Revision history for this message
Tim Gardner (timg-tpi) wrote :

SRU Justification

Impact: Fix kernel assert crash

Patch Description: Use skb_copy_expand instead of pskb_expand_head.

Patch: http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-hardy.git;a=commit;h=19cf29258654c2d55422540993482a8ca88bbfce

Test Case: See bug description

Revision history for this message
Martin Pitt (pitti) wrote :

Accepted into -proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Revision history for this message
Steve Beattie (sbeattie) wrote :

If we're going to apply this fix, do we not also need to commit http://lkml.org/lkml/2008/5/13/392 as well?

Revision history for this message
Steve Beattie (sbeattie) wrote :

Marking this as verification-failed, unless it can be shown this fix doesn't introduce the regression discussed in the previously mentioned http://lkml.org/lkml/2008/5/13/392 , which states:

  The patch below asks for allocation of a copy with enough space for
  mangled packet and the same amount of headroom as old sk_buff. While
  looking at how the regression appeared (e2b58a67), I noticed the same
  pattern in ipq_mangle_ipv6() and ipq_mangle_ipv4(). The patch corrects
  those locations too.

git commit e2b58a67 is the fix referred to in comment 2 by Leann Ogasawara.

Revision history for this message
Tim Gardner (timg-tpi) wrote :

@Steve - http://lkml.org/lkml/2008/5/13/392 indicates that the above commit works fine with 2.6.24. Arnaud said he had trouble with 2.6.25.

Revision history for this message
Steve Beattie (sbeattie) wrote : Re: [Bug 236699] Re: Hardy: [NETFILTER]: {ip, ip6, nfnetlink}_queue: fix SKB_LINEAR_ASSERT when mangling packet data

On Fri, Oct 03, 2008 at 03:21:25AM -0000, Tim Gardner wrote:
> @Steve - http://lkml.org/lkml/2008/5/13/392 indicates that the above
> commit works fine with 2.6.24. Arnaud said he had trouble with 2.6.25.

@Tim - while that's true (he also claims that his mangling
works fine with 2.6.22), note that the original patch reported in
http://lkml.org/lkml/2008/3/21/449 for this bug was from the -stable
2.6.24.4 thread starting at http://lkml.org/lkml/2008/3/21/447; it's not
exactly clear *which* 2.6.24 kernel Arnaud tried his mangling against
when he went back to look to see where the regression was introduced.

What I'd really like is a testcase that triggers the original bug, and
then we could work from there, but I expect we're not going to get that.

--
Steve Beattie
<email address hidden>
http://NxNW.org/~steve/

Revision history for this message
Martin Pitt (pitti) wrote :

linux 2.6.24-21 copied to hardy-updates.

Changed in linux:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.