lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 3 Jul 2019 09:01:37 -0700
From:   Eric Biggers <ebiggers@...nel.org>
To:     John Fastabend <john.fastabend@...il.com>
Cc:     Boris Pismenny <borisp@...lanox.com>,
        Aviad Yehezkel <aviadye@...lanox.com>,
        Dave Watson <davejwatson@...com>,
        Daniel Borkmann <daniel@...earbox.net>, netdev@...r.kernel.org,
        davem@...emloft.net, glider@...gle.com,
        herbert@...dor.apana.org.au, linux-crypto@...r.kernel.org,
        linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com,
        bpf@...r.kernel.org,
        syzbot <syzbot+6f50c99e8f6194bf363f@...kaller.appspotmail.com>
Subject: Re: [net/tls] Re: KMSAN: uninit-value in aesti_encrypt

On Thu, Jun 27, 2019 at 12:01:23PM -0700, Eric Biggers wrote:
> On Thu, Jun 27, 2019 at 11:19:51AM -0700, John Fastabend wrote:
> > Eric Biggers wrote:
> > > [+TLS maintainers]
> > > 
> > > Very likely a net/tls bug, not a crypto bug.
> > > 
> > > Possibly a duplicate of other reports such as "KMSAN: uninit-value in gf128mul_4k_lle (3)"
> > > 
> > > See https://lore.kernel.org/netdev/20190625055019.GD17703@sol.localdomain/ for
> > > the list of 17 other open syzbot bugs I've assigned to the TLS subsystem.  TLS
> > > maintainers, when are you planning to look into these?
> > > 
> > > On Thu, Jun 27, 2019 at 09:37:05AM -0700, syzbot wrote:
> > 
> > I'm looking at this issue now. There is a series on bpf list now to address
> > many of those 17 open issues but this is a separate issue. I can reproduce
> > it locally so should have a fix soon.
> > 
> 
> Okay, great!  However, just to clarify, the 17 syzbot bugs I assigned to TLS are
> in addition to the 30 I assigned to BPF
> (https://lore.kernel.org/lkml/20190624050114.GA30702@sol.localdomain/).
> (Well, since I sent that it's actually up to 35 now.)
> 
> I do expect most of these are duplicates, so when you are fixing the bugs, it
> would be really helpful (for everyone, including you in the future :-) ) if you
> would include the corresponding Reported-by syzbot line for *every* syzbot
> report you think is addressed, so they get closed.
> 

Hi John, there's no activity on your patch thread
(https://lore.kernel.org/bpf/5d1507e7b3eb6_e392b1ee39f65b463@john-XPS-13-9370.notmuch/T/#t)
this week yet, nor do the patches seem to be applied anywhere.  What is the ETA
on actually fixing the bug(s)?  There are now like 20 syzbot reports for
seemingly the same bug, since it's apparently causing massive memory corruption;
and this is wasting a lot of other kernel developers' time.  This has been going
on for over a month; any reason why it's taking so long to fix?

Also, have you written a regression test for this bug so it doesn't happen
again?

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ