On Thu, May 31, 2018 at 05:40:40PM +0800, peter pi wrote: > Hi Greg, > > My test method is very simple: > 1, In copy_to_user, add a function call like my_examine(from, n) to check > every 8 bytes. There is an kernel function called virt_addr_valid which > can check if the value is a address value. > 2, Print a kernel log when there is a leak detected in function my_examine > 3, Run iptables-save or ip6tables-save in shell, it will hit the kernel > code path of the problem > > > Because my test code is specified for Pixel 2, so I think you can write the > test code yourself just about 10 lines code Any chance you can test this on a more modern kernel, like 4.14 or newer on a normal system? thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
