| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKH8qBtNQ5RS6T4+8xfgoEs0tZv=ppTiDegNVoXcFe1SN_gGBg@mail.gmail.com>
Date: Thu, 7 Jul 2022 11:49:58 -0700
From: Stanislav Fomichev <sdf@...gle.com>
To: Cong Wang <xiyou.wangcong@...il.com>
Cc: Eric Dumazet <edumazet@...gle.com>,
syzbot <syzbot+a0e6f8738b58f7654417@...kaller.appspotmail.com>,
Cong Wang <cong.wang@...edance.com>,
Daniel Borkmann <daniel@...earbox.net>,
John Fastabend <john.fastabend@...il.com>,
David Miller <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
netdev <netdev@...r.kernel.org>, Paolo Abeni <pabeni@...hat.com>,
syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
Wei Wang <weiwan@...gle.com>
Subject: Re: [syzbot] WARNING in sk_stream_kill_queues (8)
On Thu, Jul 7, 2022 at 11:39 AM Cong Wang <xiyou.wangcong@...il.com> wrote:
>
> On Wed, Jul 6, 2022 at 9:40 AM Cong Wang <xiyou.wangcong@...il.com> wrote:
> >
> > I will look into this tonight.
>
> The following patch could work. It uncharges the sk mem before passing skb
> to recv actor but still keeps skb->sk.
This seems to make syzkaller happy.
Tested-by: Stanislav Fomichev <sdf@...gle.com>
> diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
> index 9d2fd3ced21b..c6b1effb2afd 100644
> --- a/net/ipv4/tcp.c
> +++ b/net/ipv4/tcp.c
> @@ -1749,6 +1749,7 @@ int tcp_read_skb(struct sock *sk,
> skb_read_actor_t recv_actor)
> int used;
>
> __skb_unlink(skb, &sk->sk_receive_queue);
> + WARN_ON(!skb_set_owner_sk_safe(skb, sk));
> used = recv_actor(sk, skb);
> if (used <= 0) {
> if (!copied)
Powered by blists - more mailing lists