| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_213674966436C24A88742F76A367083DF709@qq.com>
Date: Fri, 28 Nov 2025 16:09:36 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+28e5f3d207b14bae122a@...kaller.appspotmail.com
Cc: linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [kvm?] [net?] [virt?] WARNING in virtio_transport_send_pkt_info (2)
#syz test
diff --git a/net/core/datagram.c b/net/core/datagram.c
index c285c6465923..da10465cd8a4 100644
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -748,10 +748,13 @@ int __zerocopy_sg_from_iter(struct msghdr *msg, struct sock *sk,
size_t length,
struct net_devmem_dmabuf_binding *binding)
{
+ struct iov_iter_state state;
unsigned long orig_size = skb->truesize;
unsigned long truesize;
int ret;
+ iov_iter_save_state(from, &state);
+
if (msg && msg->msg_ubuf && msg->sg_from_iter)
ret = msg->sg_from_iter(skb, from, length);
else if (binding)
@@ -759,6 +762,9 @@ int __zerocopy_sg_from_iter(struct msghdr *msg, struct sock *sk,
else
ret = zerocopy_fill_skb_from_iter(skb, from, length);
+ if (ret)
+ iov_iter_restore(from, &state);
+
truesize = skb->truesize - orig_size;
if (sk && sk->sk_type == SOCK_STREAM) {
sk_wmem_queued_add(sk, truesize);
Powered by blists - more mailing lists