bugzilla-daemon at netfilter.org
2016-Oct-28 12:30 UTC
[Bug 1096] New: Kernel oops when inserting an element into a map
https://bugzilla.netfilter.org/show_bug.cgi?id=1096
Bug ID: 1096
Summary: Kernel oops when inserting an element into a map
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: critical
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
Reporter: dalegaard at gmail.com
Created attachment 485
--> https://bugzilla.netfilter.org/attachment.cgi?id=485&action=edit
dmesg log from kernel oops
The following ruleset, when loaded with 'nft -f bad.txt', results in a
kernel
oops:
----snip----
flush ruleset
table ip inlinenat {
map sourcemap {
type ipv4_addr : verdict;
}
chain postrouting {
ip saddr vmap @sourcemap accept
}
}
add chain inlinenat test
add element inlinenat sourcemap { 100.123.10.2 : jump test }
----snip----
If the element and chain are inserted as part of the table statement everything
works:
----snip----
flush ruleset
table ip inlinenat {
map sourcemap {
type ipv4_addr : verdict;
elements = {
0.0.0.0 : jump test
}
}
chain test {
}
chain postrouting {
ip saddr vmap @sourcemap accept
}
}
----snip----
However, adding another element afterwards will then fail just as in the first
case.
A dmesg log from the oops is attached. I can reproduce this 100% of the time on
Arch Linux running kernel:
Linux dalegaard-t460s 4.8.4-1-ARCH #1 SMP PREEMPT x86_64 GNU/Linux
nft version is 0.6.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20161028/da8179bd/attachment.html>
bugzilla-daemon at netfilter.org
2016-Oct-31 08:17 UTC
[Bug 1096] Kernel oops when inserting an element into a verdict map
https://bugzilla.netfilter.org/show_bug.cgi?id=1096
dalegaard at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Kernel oops when inserting |Kernel oops when inserting
|an element into a map |an element into a verdict
| |map
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20161031/85e899be/attachment.html>
bugzilla-daemon at netfilter.org
2016-Dec-31 12:30 UTC
[Bug 1096] Kernel oops when inserting an element into a verdict map
https://bugzilla.netfilter.org/show_bug.cgi?id=1096
Liping Zhang <zlpnobody at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
CC| |zlpnobody at gmail.com
--- Comment #1 from Liping Zhang <zlpnobody at gmail.com> ---
Fixed at
https://git.kernel.org/cgit/linux/kernel/git/pablo/nf.git/commit/?id=58c78e104d937c1f560fb10ed9bb2dcde0db4fcf
Thank you!
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20161231/03db8de9/attachment.html>
Seemingly Similar Threads
- [Bug 1144] New: set add always returns false or otherwise ends evaluation
- [Bug 1120] New: nf_tables_check_loops error on adding element to vmap
- [Bug 1127] New: running nft command creates lag for forwarded packets
- [Bug 1141] New: trace aborts using pkttype on ingress
- [Bug 1098] New: Stateless packet rewriting of source/destination IPs must update IP header as well