lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 13 Feb 2020 12:00:21 -0800
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>,
        syzbot <syzbot+830c6dbfc71edc4f0b8f@...kaller.appspotmail.com>
Cc:     andriin@...com, ast@...nel.org, bpf@...r.kernel.org,
        daniel@...earbox.net, davem@...emloft.net, dsahern@...il.com,
        hawk@...nel.org, jiri@...lanox.com, johannes.berg@...el.com,
        john.fastabend@...il.com, kafai@...com, kuba@...nel.org,
        linux-kernel@...r.kernel.org, mkubecek@...e.cz,
        netdev@...r.kernel.org, songliubraving@...com,
        syzkaller-bugs@...glegroups.com, yhs@...com
Subject: Re: WARNING in dev_change_net_namespace



On 2/13/20 11:57 AM, Eric Dumazet wrote:
> 
> 
> On 2/13/20 11:00 AM, Eric W. Biederman wrote:
>> syzbot <syzbot+830c6dbfc71edc4f0b8f@...kaller.appspotmail.com> writes:
>>
>>> Hello,
>>
>> Has someone messed up the network device kobject support.
>> I don't have the exact same code as listed here so I may
>> be misreading things.  But the only WARN_ON I see in
>> dev_change_net_namespaces is from kobject_rename.
>>
>> It is not supposed to be possible for that to fail.
> 
> Well, this code is attempting kmalloc() calls, so can definitely fail.
> 
> syzbot is using fault injection to force few kmalloc() to return NULL

[  533.360275][T24839] FAULT_INJECTION: forcing a failure.
[  533.360275][T24839] name failslab, interval 1, probability 0, space 0, times 0
[  533.418952][T24839] CPU: 0 PID: 24839 Comm: syz-executor.4 Not tainted 5.6.0-rc1-syzkaller #0
[  533.427669][T24839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  533.437873][T24839] Call Trace:
[  533.441188][T24839]  dump_stack+0x1fb/0x318
[  533.445677][T24839]  should_fail+0x4b8/0x660
[  533.450125][T24839]  __should_failslab+0xb9/0xe0
[  533.454913][T24839]  ? kzalloc+0x21/0x40
[  533.459000][T24839]  should_failslab+0x9/0x20
[  533.463524][T24839]  __kmalloc+0x7a/0x340
[  533.467698][T24839]  kzalloc+0x21/0x40
[  533.471604][T24839]  kobject_rename+0x12f/0x4d0
[  533.476399][T24839]  ? sysfs_rename_link_ns+0x179/0x1b0
[  533.481782][T24839]  device_rename+0x16d/0x190
[  533.486380][T24839]  dev_change_net_namespace+0x1375/0x16b0
[  533.492550][T24839]  ? ns_capable+0x91/0xf0
[  533.496900][T24839]  ? netlink_ns_capable+0xcf/0x100
[  533.502038][T24839]  ? rtnl_link_get_net_capable+0x136/0x280
[  533.508470][T24839]  do_setlink+0x196/0x3880
[  533.512943][T24839]  ? __kasan_check_read+0x11/0x20
[  533.517992][T24839]  rtnl_newlink+0x1509/0x1c00

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ