Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp1219384ybl; Fri, 30 Aug 2019 13:59:13 -0700 (PDT) X-Google-Smtp-Source: APXvYqxAXfw1CDsCjHj/rPbIJbFzbm0c8wBPx25eHCl6F9STbSGSsLB8esHviEpAtLo56AfeJpjQ X-Received: by 2002:aa7:8808:: with SMTP id c8mr19625535pfo.67.1567198753082; Fri, 30 Aug 2019 13:59:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567198753; cv=none; d=google.com; s=arc-20160816; b=PO3cRfl9ahXBrKx0eW5B9PDRzYlr6zFhMk/mW5kGcFCdvMVJ0ltT309YHFhBE/qyDe tp1OK/EfWYMadAYG+Re2Y7qEcdj9oAlqdxMKfSru69k2SmTU/L5ofXpDSsg+jwMd5Stu 5hHt0hjJJ8HoGf3d6kstL8qN6ziE5pvCAIQrTA0GXUdfRiX9OJuap0AomTvHhlMQC0qm DRHPuskCPeAS3CVEa3fYiXznY0Bn5dzNec8T2lTj9PdASGgKRzV8CyggzCJmoMnBODBZ 0p7z0I9xTV82B5T3Yp07Nm3XhyS/F8nOJS8cwqCSzjQ693xaJWjs6nxzKuQxHvC65Nv2 jmjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=ufYt+TquYeUN5p3d2lf2zx0KrS0Tqt+y8Qm6UL02zMY=; b=iJYE+Ixr3vsX1wPrsfHDWeEdgo/ZEJZ0U81KLAA3m3zMNRTtVMjrgrLvAt0l5U4zF9 Rlj+9uV7FsSUCEdyKwb7cH/dvYHLt/BLPhTVAc4oREakI5KRtwK7xWGS9uvpXQctUf4s bacj1mQlvox5khg1W40eTCFSBKJp1J4P5MIJaWEHRCcbU1xdaz8vu4p/A8bE2Utdtfj6 uDpZqFL9jP0cJABkLmEVJ5DlnxftdEO8lYwEeo+b7W3VkNeaGboBwsQnkvLeDAX6VEUy IdalLGK6Eom/7j4Pt7kVNPcY8tDv2oyMSVUynOomOTPD2651BIWEIHF3ETgoo4QFrpHP XYKA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i64si5388146pli.252.2019.08.30.13.58.58; Fri, 30 Aug 2019 13:59:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728279AbfH3U6K (ORCPT + 99 others); Fri, 30 Aug 2019 16:58:10 -0400 Received: from Chamillionaire.breakpoint.cc ([193.142.43.52]:58896 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728067AbfH3U6K (ORCPT ); Fri, 30 Aug 2019 16:58:10 -0400 Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.92) (envelope-from ) id 1i3ny6-0006SE-KB; Fri, 30 Aug 2019 22:58:02 +0200 Date: Fri, 30 Aug 2019 22:58:02 +0200 From: Florian Westphal To: Leonardo Bras Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , Roopa Prabhu , Nikolay Aleksandrov , "David S. Miller" Subject: Re: [PATCH v4 1/2] netfilter: Terminate rule eval if protocol=IPv6 and ipv6 module is disabled Message-ID: <20190830205802.GS20113@breakpoint.cc> References: <20190830181354.26279-1-leonardo@linux.ibm.com> <20190830181354.26279-2-leonardo@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190830181354.26279-2-leonardo@linux.ibm.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Leonardo Bras wrote: > If IPv6 is disabled on boot (ipv6.disable=1), but nft_fib_inet ends up > dealing with a IPv6 packet, it causes a kernel panic in > fib6_node_lookup_1(), crashing in bad_page_fault. > > The panic is caused by trying to deference a very low address (0x38 > in ppc64le), due to ipv6.fib6_main_tbl = NULL. > BUG: Kernel NULL pointer dereference at 0x00000038 > > The kernel panic was reproduced in a host that disabled IPv6 on boot and > have to process guest packets (coming from a bridge) using it's ip6tables. > > Terminate rule evaluation when packet protocol is IPv6 but the ipv6 module > is not loaded. > > Signed-off-by: Leonardo Bras Acked-by: Florian Westphal