> 4e461c777e34 xt_qtaguid: Fix panic caused by synack processing
> cc0063b8eb44 xt_qtaguid: Fix panic caused by processing non-full socket.

Just to confirm that I didn't have these two patches when hitting the
panic. But it's really hard for me to go back and re-check. I would assume
these are valid fixes since they fixed Andrew's issues.
Thanks for the update.

-Fei

On Wed, Dec 14, 2016 at 5:46 AM, Andrew Lukin <andrew.lu...@gmail.com> wrote:

> Thanks a lot for the hashes.
> I'm using a bit outdated kernel in fact. These commits resolved the
> question.
>
> Andrew
>
> On Tuesday, December 13, 2016 at 2:39:08 AM UTC+2, John Stultz wrote:
>
>> On Fri, Feb 26, 2016 at 6:03 PM, Fei Yang <pha...@gmail.com> wrote:
>> > I'm running into a panic with 4.4 kernel after applying Google patches from
>> > Android common.git.
>> > The panic is apparently triggered by the rwlock introduced in the following
>> > patch. Somehow the sk structure is pointing to an uninitialized rwlock,
>> > sk_callback_lock.
>> > I found that the sk I'm getting in qtaguid_mt() is initially NULL, thus it
>> > tries to find a valid sk by calling qtaguid_find_sk(). But somehow this sk
>> > has an uninitialized rwlock.
>> > My question is how does a sk found from qtaguid_find_sk() get allocated? I'm
>> > running out of ideas to trace it back and figure out why the sk is not
>> > initialized properly.
>> > Shouldn't all sk be initialized through either sock_init_data() or
>> > sk_clone_lock() which guarantee a valid rwlock?
>>
>> Sorry for not replying to this earlier, it got filtered away and I missed it.
>>
>> So I'm curious how you're hitting this (or if you still are seeing
>> it)? We ran into some xt_qtaguid use-after-free issues early after 4.4
>> came out (back when this email was written), but those were addressed
>> by the following commits:
>>
>> 4e461c777e34 xt_qtaguid: Fix panic caused by synack processing
>> cc0063b8eb44 xt_qtaguid: Fix panic caused by processing non-full socket.
>>
>> So if you're seeing the issue with these two fixes applied, I'd be
>> interested in how you're triggering it.
>>
>> thanks
>> -john
>>
>

You received this message because you are subscribed to the Google Groups 
"Android Linux Kernel Development" group.