On Tue, Jan 23, 2018 at 4:01 AM, Santosh Shilimkar <santosh.shilimkar@xxxxxxxxxx> wrote: > On 1/22/2018 3:24 AM, Kees Cook wrote: >> >> As described in: https://bugzilla.redhat.com/show_bug.cgi?id=822754 >> >> Attempting an RDS connection from the IP address of an IPoIB interface >> to itself causes a kernel panic due to a BUG_ON() being triggered. >> Making the test less strict allows rds-ping to work without crashing >> the machine. >> >> A local unprivileged user could use this flaw to crash the sytem. >> > Are you able to reproduce this issue on mainline kernel ? > IIRC, this sjouldn't happen anymore but if you see it, please > let me know. Will try it as well. rds-ping on self > loopback device is often tested and used as well for > monitoring services in production. I don't have an RDS test setup, no. But it sounds like kernels without this patch aren't seeing the problem. > Am not sure if its applicable anymore. Infact the issue with > loopback device was due to congestion update and thats been > already addressed with commit '18fc25c94: {rds: prevent BUG_ON > triggered on congestion update to loopback}' That looks very much like it was fixed there. Thanks! -Kees -- Kees Cook Pixel Security -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html