Re: [PATCH v4 1/2] netfilter: Terminate rule eval if protocol=IPv6 and ipv6 module is disabled

On Fri, 2019-08-30 at 22:58 +0200, Florian Westphal wrote:
> Leonardo Bras <leonardo@xxxxxxxxxxxxx> wrote:
> > If IPv6 is disabled on boot (ipv6.disable=1), but nft_fib_inet ends up
> > dealing with an IPv6 packet, it causes a kernel panic in
> > fib6_node_lookup_1(), crashing in bad_page_fault.
> > 
> > The panic is caused by trying to dereference a very low address (0x38
> > in ppc64le), due to ipv6.fib6_main_tbl = NULL.
> > BUG: Kernel NULL pointer dereference at 0x00000038
> > 
> > The kernel panic was reproduced in a host that disabled IPv6 on boot and
> > has to process guest packets (coming from a bridge) using its ip6tables.
> > 
> > Terminate rule evaluation when packet protocol is IPv6 but the ipv6 module
> > is not loaded.
> > 
> > Signed-off-by: Leonardo Bras <leonardo@xxxxxxxxxxxxx>
> 
> Acked-by: Florian Westphal <fw@xxxxxxxxx>
> 

Hello Pablo,

Any trouble with this patch? 
I could see the other* one got applied, but not this one.
*(The other did not get acked, so I released it alone as v5)

Is there any fix I need to do in this one?

Best regards,
Leonardo Bras
