On 09/09/13 12:51, Jozsef Kadlecsik wrote:
On Mon, 9 Sep 2013, Yoann Juet wrote:We've experienced a recent kernel crash on a captive portal server running debian/wheezy with a standard kernel 3.2.0-4. The crash seems to be related to ipset that we're using to check bitmaps {ip,mac}. It has not been seen before on this production server.A cleanup part is missing for the bitmap:ip,mac type with timeout in the 3.2 kernel tree: diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c index 56096f5..725e431 100644 --- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c +++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c @@ -333,7 +333,11 @@ bitmap_ipmac_tlist(const struct ip_set *set, nla_put_failure: nla_nest_cancel(skb, nested); ipset_nest_end(skb, atd); - return -EMSGSIZE; + if (unlikely(id == first)) { + cb->args[2] = 0; + return -EMSGSIZE; + } + return 0; } static int However, the missing part caused incomplete listing only. This case seems to be different. So does the patch above help? Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary
I'll make a try. I keep you in touch if the crash re-appears. Thanks Jozsef, Regards -- Université de Nantes - Direction des Systèmes d'Information IM jabber: yoann.juet@xxxxxxxxxxxxxx Tél: 02.53.48.49.26 - Fax: 02.53.48.49.09
begin:vcard fn:Yoann Juet n:Juet;Yoann org;quoted-printable;quoted-printable:Direction des Syst=C3=A8mes d'Information;P=C3=B4le R=C3=A9seau adr;quoted-printable:BP 92208;;2 rue de la Houssini=C3=A8re;Nantes Cedex 3;;44322;France email;internet:yoann.juet@xxxxxxxxxxxxxx tel;work:02.53.48.49.26 tel;fax:02.53.48.49.09 tel;cell:06.73.15.42.19 version:2.1 end:vcard
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
