lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CANn89iLBO7U40gNDysTD0wCPMAsgUQV3u_T1yzv1oaa=sLKyfQ@mail.gmail.com>
Date:   Thu, 6 Jul 2023 17:05:28 +0200
From:   Eric Dumazet <edumazet@...gle.com>
To:     Kaiyu Zhang <squirrel.prog@...il.com>
Cc:     davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] gro: check returned skb of napi_frags_skb() against NULL

On Thu, Jul 6, 2023 at 4:35 PM Kaiyu Zhang <squirrel.prog@...il.com> wrote:
>
> Yes the network adapter needs to be fixed for passing invalid packets to GRO. And a message like "dropping impossible skb" should be indicative enough for developers to do so.
>
> And yet I propose this patch because an immediate system crash caused by NULL pointer access after the above warning message is a bit more difficult to analyse on some test bed where developers have to restore kernel messages after a reboot .
>
> Furthermore, the adapter I'm working with is capable of receiving very small packets (1 or 2 bytes). They insist this is a feature rather than a bug. I can, and I will check packet length before passing them to GRO, for this particular adapter. But maybe a non-crash warning in general might be helpful to other developers who will face the same problem and spare them some effort on debugging.

1 or 2 bytes would still be stored in an skb, right ?

GRO is already very slow, we do not want to make it even slower so
that some developers can save time.
A kernel crash would point to the NULL deref just fine.

If we continue this path, we will soon add "if (!skb) be_kind" to all
functions accepting an skb as a parameter,
then everything else...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ