lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CACT4Y+ZFpO26Tgqpi+Jies9XOiiCgAdp2DV0z_54hCNTqkJsiw@mail.gmail.com>
Date:   Tue, 18 Dec 2018 09:49:17 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Stefano Brivio <sbrivio@...hat.com>
Cc:     Eric Dumazet <eric.dumazet@...il.com>,
        Arjan van de Ven <arjan@...ux.intel.com>,
        "Paul E. McKenney" <paulmck@...ux.ibm.com>,
        syzbot <syzbot+43f6755d1c2e62743468@...kaller.appspotmail.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Josh Triplett <josh@...htriplett.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...nel.org>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
        netdev <netdev@...r.kernel.org>
Subject: Re: WARNING in __rcu_read_unlock

On Tue, Dec 18, 2018 at 12:18 AM Stefano Brivio <sbrivio@...hat.com> wrote:
>
> On Mon, 17 Dec 2018 16:53:36 +0100
> Dmitry Vyukov <dvyukov@...gle.com> wrote:
>
> > On Mon, Dec 17, 2018 at 4:24 PM Stefano Brivio <sbrivio@...hat.com> wrote:
> > >
> > > On Mon, 17 Dec 2018 06:57:35 -0800
> > > Eric Dumazet <eric.dumazet@...il.com> wrote:
> > >
> > > > Might be cause by commit b8a51b38e4d4dec3e379d52c0fe1a66827f7cf1e
> > > > fou, fou6: ICMP error handlers for FoU and GUE
> > >
> > > This:
> > >
> > > diff --git a/net/ipv4/fou.c b/net/ipv4/fou.c
> > > index 0d0ad19ecb87..20a6de26d146 100644
> > > --- a/net/ipv4/fou.c
> > > +++ b/net/ipv4/fou.c
> > > @@ -1008,6 +1008,9 @@ static int gue_err_proto_handler(int proto, struct sk_buff *skb, u32 info)
> > >  {
> > >         const struct net_protocol *ipprot = rcu_dereference(inet_protos[proto]);
> > >
> > > +       if (ipprot == IPPROTO_UDP)
> > > +               return -EINVAL;
> > > +
> > >         if (ipprot && ipprot->err_handler) {
> > >                 if (!ipprot->err_handler(skb, info))
> > >                         return 0;
> > >
> > > should fix the issue, but I still have to run tests and make sure we
> > > don't hit similar cases.
> >
> > Please don't forget to add a regression test for it too ;)
>
> Where would you suggest to add this? The only selftest that goes

I dunno. But there must be some place for such tests, right?

> through this path currently is net/pmtu.sh, but as configuration of an
> actual UDP-in-GUE tunnel is currently not supported, I would really
> need to forge that specific packet, so that doesn't seem to be a good
> fit.
>
> Won't syzbot add this to some list of reproducers that are checked in
> the future?

It won't. Also fuzzing is complementary to testing, not a replacement:
https://twitter.com/dvyukov/status/1074719682962358272

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ