lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20240422145255.GA13918@breakpoint.cc>
Date: Mon, 22 Apr 2024 16:52:55 +0200
From: Florian Westphal <fw@...len.de>
To: Eric Dumazet <edumazet@...gle.com>
Cc: syzbot <syzbot+0c4150bff9fff3bf023c@...kaller.appspotmail.com>,
	andrii@...nel.org, ast@...nel.org, bpf@...r.kernel.org,
	daniel@...earbox.net, davem@...emloft.net, eddyz87@...il.com,
	fw@...len.de, haoluo@...gle.com, horms@...nel.org,
	john.fastabend@...il.com, jolsa@...nel.org, kpsingh@...nel.org,
	kuba@...nel.org, linux-kernel@...r.kernel.org, martin.lau@...ux.dev,
	netdev@...r.kernel.org, pabeni@...hat.com, sdf@...gle.com,
	song@...nel.org, syzkaller-bugs@...glegroups.com,
	yonghong.song@...ux.dev
Subject: Re: [syzbot] [bpf?] [net?] WARNING in skb_ensure_writable

Eric Dumazet <edumazet@...gle.com> wrote:
> Hmm... Not sure how to deal with this one... this is a 'false positive'
> 
> diff --git a/net/core/filter.c b/net/core/filter.c
> index 58e8e1a70aa752a2c045117e00d8797478da4738..a7cea6d717ef321215bc4cf9ab3b83535c4eec98
> 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -1662,6 +1662,11 @@ static DEFINE_PER_CPU(struct bpf_scratchpad, bpf_sp);
>  static inline int __bpf_try_make_writable(struct sk_buff *skb,
>                                           unsigned int write_len)
>  {
> +#if defined(CONFIG_DEBUG_NET)
> +       /* Avoid a splat in pskb_may_pull_reason() */
> +       if (write_len > INT_MAX)
> +               return -EINVAL;
> +#endif
>         return skb_ensure_writable(skb, write_len);
>  }
> 

LGTM, thanks Eric.  I think the current 'warn on > INT_MAX' makes sense
for normal (non-bpf) callers.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ