Re: [PATCH nf] netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present


On Mon, Jan 28, 2019 at 1:50 AM Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
>
> On Mon, Jan 21, 2019 at 09:54:36PM +0100, Florian Westphal wrote:
> > Unlike ip(6)tables ebtables only counts user-defined chains.
> >
> > The effect is that a 32bit ebtables binary on a 64bit kernel can do
> > 'ebtables -N FOO' only after adding at least one rule, else the request
> > fails with -EINVAL.
> >
> > This is a similar fix as done in
> > 3f1e53abff84 ("netfilter: ebtables: don't attempt to allocate 0-sized compat array").
>
> Applied, thanks Florian.

After running this patch for a few days I got this panic.
It seems to be because when we skip xt_compat_init_offsets()
in compat_do_replace(), we also fail to set some values in
xt[NFPROTO_BRIDGE] that are later needed in
pr_debug(..., xt_compat_calc_jump(NFPROTO_BRIDGE, ...))

[144528.769608] BUG: unable to handle kernel paging request at 0000000009600920
[144528.776934] PGD 1adb018067 P4D 1adb018067 PUD 10bd9fa067 PMD 0
[144528.783224] Oops: 0000 [#1] SMP
[144528.786732] CPU: 15 PID: 5403 Comm: ebtables Kdump: loaded Not tainted 4.19.17-11195414.AroraKernelnext.2.fc18.x86_64 #1
[144528.798183] Hardware name: Supermicro X9DRT/X9DRT, BIOS 3.0 06/28/2013
[144528.805089] RIP: 0010:xt_compat_calc_jump+0x2f/0x63 [x_tables]
[144528.811291] Code: 40 0f b6 ff 55 31 c0 48 6b ff 70 48 03 3d dc 45 00 00 48 89 e5 8b 4f 6c 4c 8b 47 60 ff c9 39 c8 7f 2f 8d 14 08 d1 fa 48 63 fa <41> 39 34 f8 4c 8d 0c fd 00 00 00 00 73 05 8d 42 01 eb e1 76 05 8d
[144528.830848] RSP: 0018:ffffc90009efbc58 EFLAGS: 00010207
[144528.836429] RAX: 0000000000000000 RBX: ffffc900064e5000 RCX: 0000000002580249
[144528.844144] RDX: 00000000012c0124 RSI: fffffffff70e5111 RDI: 00000000012c0124
[144528.851846] RBP: ffffc90009efbc58 R08: 0000000000000000 R09: ffffffff8117cf8f
[144528.859561] R10: ffffc900068cf000 R11: 0000000000000000 R12: 0000000000000d31
[144528.867265] R13: 0000000000000000 R14: ffffc90009efbcb8 R15: ffffc90009efbcb8
[144528.874969] FS:  0000000000000000(0000) GS:ffff88a03f9c0000(0063) knlGS:00000000f7b0b940
[144528.883622] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[144528.889720] CR2: 0000000009600920 CR3: 0000001f84555003 CR4: 00000000000606e0
[144528.897415] DR0: 0000000000018840 DR1: 0000000000000000 DR2: 0000000000000000
[144528.905118] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[144528.912818] Call Trace:
[144528.915634]  compat_do_replace+0x1fb/0x2a3 [ebtables]
[144528.921059]  compat_do_ebt_set_ctl+0x69/0xe6 [ebtables]
[144528.926647]  ? ptep_set_access_flags+0x2a/0x2f
[144528.931451]  ? wp_page_reuse+0x35/0x3f
[144528.935569]  ? try_module_get+0x37/0x42
[144528.939776]  compat_nf_setsockopt+0x4f/0x6d
[144528.944321]  compat_ip_setsockopt+0x7e/0x8c
[144528.948866]  compat_raw_setsockopt+0x16/0x3a
[144528.953492]  compat_sock_common_setsockopt+0x1d/0x24
[144528.958822]  __compat_sys_setsockopt+0x17e/0x1b1
[144528.963806]  ? __check_object_size+0x76/0x19a
[144528.968528]  __ia32_compat_sys_socketcall+0x1cb/0x25b
[144528.973951]  do_fast_syscall_32+0xaf/0xf6
[144528.978324]  entry_SYSENTER_compat+0x6b/0x7a
