c***@gmx.de
2013-02-21 15:40:59 UTC
stating the "stats" and "ifstats" files in an ethernet tree
that has no active connections can cause the kernel to
go into an endless loop or return wrong stat data.
the bug is in port/netif.c in the netifgen() function:
- if(t == N2ndqid || t == Ncloneqid || t == Naddrqid){
+ if(t == N2ndqid || t == Ncloneqid || t == Naddrqid || t == Nstatqid || t == Nifstatqid){
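Review bot: the condition on the + line now chains five qid types with no comment saying what they have in common, so the next file type added to netifgen() can be left out the same way Nstatqid and Nifstatqid were. Add a short comment above the if stating why these types are handled in this branch, and consider breaking the condition across two lines for readability.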
the problem is subtle and comes from the dual use
of the gen functions for generating tree enumeration
and stating.
maybe it would be a good idea to make devstat()
error out after a million iterations instead
of just looping forever to make this easier to diagnose?
this is the same class of bug that was discovered
in the devdraw device some time ago. it would be a
good idea to audit other devices for this kind of
bug while at it.
--
cinap
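
The iteration cap suggested in the post for devstat(), sketched as a simplified stand-alone model (an added example, not Plan 9 source and not code from the post). The return-value convention, the names goodgen, stuckgen and boundedstat, and the sample paths are assumptions made for illustration; stuckgen only stands in for a gen function that never matches and never ends, it is not netifgen()'s actual logic.

```c
#include <stdio.h>

/* Simplified model, not Plan 9 source. A gen function answers for slot i:
 * 1 = entry filled in, 0 = empty slot (keep going), -1 = no more slots. */
enum { GenEnd = -1, GenSkip = 0, GenOk = 1 };
enum { StatFound = 0, StatMissing = -1, StatRunaway = -2 };
enum { Maxgen = 1000000 };	/* the "million iterations" cap from the post */

typedef struct Dir { unsigned long path; } Dir;
typedef int Gen(int i, Dir *d);

static const unsigned long files[] = { 10, 11, 12 };	/* constructed qid paths */

/* Well-behaved generator: three files, then end of table. */
int goodgen(int i, Dir *d)
{
	if(i < 0 || i >= (int)(sizeof files / sizeof files[0]))
		return GenEnd;
	d->path = files[i];
	return GenOk;
}

/* Faulty generator: every slot is reported empty, forever. */
int stuckgen(int i, Dir *d)
{
	(void)i; (void)d;
	return GenSkip;
}

/* Stat by enumeration: ask gen for slot 0, 1, 2, ... until the path matches.
 * The cap turns a hang into an error the caller can report. */
int boundedstat(unsigned long path, Gen *gen)
{
	Dir d;
	int i;

	for(i = 0; i < Maxgen; i++)
		switch(gen(i, &d)){
		case GenEnd:
			return StatMissing;
		case GenOk:
			if(d.path == path)
				return StatFound;
		}
	return StatRunaway;
}

int main(void)
{
	printf("good=%d missing=%d stuck=%d\n", boundedstat(12, goodgen), boundedstat(99, goodgen), boundedstat(12, stuckgen));
	return 0;
}
```

Without the cap, the stuckgen case is the endless loop: the stat loop sees neither a match nor the end of the table.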