[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20240422145255.GA13918@breakpoint.cc>
Date: Mon, 22 Apr 2024 16:52:55 +0200
From: Florian Westphal <fw@...len.de>
To: Eric Dumazet <edumazet@...gle.com>
Cc: syzbot <syzbot+0c4150bff9fff3bf023c@...kaller.appspotmail.com>,
andrii@...nel.org, ast@...nel.org, bpf@...r.kernel.org,
daniel@...earbox.net, davem@...emloft.net, eddyz87@...il.com,
fw@...len.de, haoluo@...gle.com, horms@...nel.org,
john.fastabend@...il.com, jolsa@...nel.org, kpsingh@...nel.org,
kuba@...nel.org, linux-kernel@...r.kernel.org, martin.lau@...ux.dev,
netdev@...r.kernel.org, pabeni@...hat.com, sdf@...gle.com,
song@...nel.org, syzkaller-bugs@...glegroups.com,
yonghong.song@...ux.dev
Subject: Re: [syzbot] [bpf?] [net?] WARNING in skb_ensure_writable
Eric Dumazet <edumazet@...gle.com> wrote:
> Hmm... Not sure how to deal with this one... this is a 'false positive'
>
> diff --git a/net/core/filter.c b/net/core/filter.c
> index 58e8e1a70aa752a2c045117e00d8797478da4738..a7cea6d717ef321215bc4cf9ab3b83535c4eec98
> 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -1662,6 +1662,11 @@ static DEFINE_PER_CPU(struct bpf_scratchpad, bpf_sp);
> static inline int __bpf_try_make_writable(struct sk_buff *skb,
> unsigned int write_len)
> {
> +#if defined(CONFIG_DEBUG_NET)
> + /* Avoid a splat in pskb_may_pull_reason() */
> + if (write_len > INT_MAX)
> + return -EINVAL;
> +#endif
> return skb_ensure_writable(skb, write_len);
> }
>
LGTM, thanks Eric. I think the current 'warn on > INT_MAX' makes sense
for normal (non-bpf) callers.
Powered by blists - more mailing lists