| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <878r222iqz.fsf@toke.dk> Date: Thu, 28 Mar 2024 21:39:48 +0100 From: Toke Høiland-Jørgensen <toke@...nel.org> To: Jesper Dangaard Brouer <hawk@...nel.org>, Alexei Starovoitov <alexei.starovoitov@...il.com>, syzbot <syzbot+af9492708df9797198d6@...kaller.appspotmail.com> Cc: andrii@...nel.org, ast@...nel.org, bpf@...r.kernel.org, daniel@...earbox.net, davem@...emloft.net, eddyz87@...il.com, haoluo@...gle.com, john.fastabend@...il.com, jolsa@...nel.org, kpsingh@...nel.org, kuba@...nel.org, linux-kernel@...r.kernel.org, martin.lau@...ux.dev, netdev@...r.kernel.org, sdf@...gle.com, song@...nel.org, syzkaller-bugs@...glegroups.com, yonghong.song@...ux.dev Subject: Re: [syzbot] [bpf?] [net?] general protection fault in dev_map_enqueue Jesper Dangaard Brouer <hawk@...nel.org> writes: > On 27/03/2024 16.19, Alexei Starovoitov wrote: >> Toke, Jesper, >> >> please take a look. >> It's reproducible 100% of the time. >> dst is NULL in dev_map_enqueue(). >> > > The `dst` (NULL) is basically `ri->tgt_value` being passed through > (unmodified) via xdp_do_redirect_frame() and __xdp_do_redirect_frame() > into dev_map_enqueue(). > > I think something is wrong in xdp_test_run_batch(). > The `ri->tgt_value` is being set in __bpf_xdp_redirect_map(), but I > cannot see __bpf_xdp_redirect_map() being used in xdp_test_run_batch(). > > Toke, can you take a look at xdp_test_run_batch() and where > `ri->tgt_value` is getting set? Sure! I'm off for Easter, but I'll take a look when I get back next week :) -Toke
Powered by blists - more mailing lists