lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 17 Jan 2018 07:39:24 +0100
From:   Oliver Hartkopp <socketcan@...tkopp.net>
To:     Dmitry Vyukov <dvyukov@...gle.com>,
        Marc Kleine-Budde <mkl@...gutronix.de>
Cc:     syzbot <syzbot+4386709c0c1284dca827@...kaller.appspotmail.com>,
        David Miller <davem@...emloft.net>, linux-can@...r.kernel.org,
        LKML <linux-kernel@...r.kernel.org>,
        netdev <netdev@...r.kernel.org>, syzkaller-bugs@...glegroups.com
Subject: Re: WARNING in can_rcv



On 01/16/2018 07:11 PM, Dmitry Vyukov wrote:
> On Tue, Jan 16, 2018 at 7:07 PM, Marc Kleine-Budde <mkl@...gutronix.de> wrote:
>> On 01/16/2018 06:58 PM, syzbot wrote:
>>> Hello,
>>>
>>> syzkaller hit the following crash on
>>> a8750ddca918032d6349adbf9a4b6555e7db20da
>>> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
>>> compiler: gcc (GCC) 7.1.1 20170620
>>> .config is attached
>>> Raw console output is attached.
>>> C reproducer is attached
>>> syzkaller reproducer is attached. See https://goo.gl/kgGztJ
>>> for information about syzkaller reproducers
>>>
>>>
>>> IMPORTANT: if you fix the bug, please add the following tag to the commit:
>>> Reported-by: syzbot+4386709c0c1284dca827@...kaller.appspotmail.com
>>> It will help syzbot understand when the bug is fixed. See footer for
>>> details.
>>> If you forward the report, please keep this part and the footer.
>>>
>>> device eql entered promiscuous mode
>>> ------------[ cut here ]------------
>>> PF_CAN: dropped non conform CAN skbuf: dev type 65534, len 42, datalen 0
>>> WARNING: CPU: 0 PID: 3650 at net/can/af_can.c:729 can_rcv+0x1c5/0x200
>>> net/can/af_can.c:724
>>> Kernel panic - not syncing: panic_on_warn set ...
>>
>> Invalid packages generate a warning (WARN_ONCE()), and you have
>> panic_on_warn active. Should we better silently drop these CAN packages?
> 
> Hi,
> 
> pr_warn_once() will be more appropriate. It prints a single line.
> 

The idea behind this WARN() is to detect really bad things that might 
have happen on network driver level:

The CAN subsystem registers with dev_add_pack() for ETH_P_CAN and 
ETH_P_CANFD only. These ETH_P_ types are only allowed to be created by 
CAN network devices (like vcan, vxcan, and real CAN drivers).

I don't have any strong opinion on using WARN() or pr_warn_once().
Is this detected violation worth using WARN(), as something already must 
have gone really wrong to trigger this issue?

Best regards,
Oliver

Powered by blists - more mailing lists