lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <99b9f7b6-0be5-445a-8bac-1d3f5d67a818@yandex.ru>
Date: Wed, 4 Dec 2024 13:47:09 +0300
From: Dmitry Antipov <dmantipov@...dex.ru>
To: Yuqi Jin <jinyuqi@...wei.com>
Cc: Shaokun Zhang <zhangshaokun@...ilicon.com>,
 "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>,
 netdev@...r.kernel.org
Subject: On a6211caa634d ("net: revert "net: get rid of an,signed integer
 overflow in ip_idents_reserve()")

Could you please (re)consider a6211caa634d ("net: revert "net: get rid of an
signed integer overflow in ip_idents_reserve()") one more time? With clang
19.1.4 as distributed by LLVM project:

clang version 19.1.4 (/home/runner/work/llvm-project/llvm-project/clang aadaa00de76ed0c4987b97450dd638f63a385bed)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/antipov/.local/LLVM-19.1.4-Linux-X64/bin

I've hit the following UBSAN warning on 6.13.0-rc1:

UBSAN: signed-integer-overflow in ./arch/x86/include/asm/atomic.h:85:11
1584476935 + 1988933977 cannot be represented in type 'int'
CPU: 2 UID: 0 PID: 169 Comm: kworker/u17:5 Not tainted 6.13.0-rc1-00026-gd7fa4bf3dc47-dirty #2
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014
Workqueue: wg-kex-wg0 wg_packet_handshake_send_worker
Call Trace:
  <TASK>
  dump_stack_lvl+0x1c2/0x2a0
  ? __pfx_dump_stack_lvl+0x10/0x10
  ? __pfx__printk+0x10/0x10
  ? __asan_memset+0x22/0x50
  handle_overflow+0x1d0/0x210
  __ip_select_ident+0x323/0x360
  iptunnel_xmit+0x55e/0xa00
  udp_tunnel_xmit_skb+0x264/0x3c0
  send4+0x7d2/0xbd0
  ? send4+0x1d8/0xbd0
  ? __pfx_send4+0x10/0x10
  ? wg_socket_send_buffer_to_peer+0x13b/0x1c0
  wg_socket_send_skb_to_peer+0xd1/0x1d0
  wg_packet_handshake_send_worker+0x1dc/0x320
  ? __pfx_wg_packet_handshake_send_worker+0x10/0x10
  ? _raw_spin_unlock_irq+0x23/0x50
  ? process_scheduled_works+0x976/0x1700
  ? process_scheduled_works+0x976/0x1700
  process_scheduled_works+0xa56/0x1700
  ? __pfx_process_scheduled_works+0x10/0x10
  ? assign_work+0x3d0/0x440
  worker_thread+0x8be/0xe30
  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
  ? _raw_spin_unlock_irqrestore+0xae/0x110
  ? __kthread_parkme+0x7b/0x1c0
  kthread+0x2c6/0x360
  ? __pfx_worker_thread+0x10/0x10
  ? __pfx_kthread+0x10/0x10
  ret_from_fork+0x4e/0x80
  ? __pfx_kthread+0x10/0x10
  ret_from_fork_asm+0x1a/0x30
  </TASK>

Command line is:

clang -E -D__GENKSYMS__ -Wp,-MMD,net/ipv4/.route.o.d -nostdinc -I./arch/x86/include -I./arch/x86/include/generated -I./include -I./include -I./arch/x86/include/uapi -I./arch/x86/include/generated/uapi 
-I./include/uapi -I./include/generated/uapi -include ./include/linux/compiler-version.h -include ./include/linux/kconfig.h -include ./include/linux/compiler_types.h -D__KERNEL__ 
--target=x86_64-linux-gnu -fintegrated-as -Werror=unknown-warning-option -Werror=ignored-optimization-argument -Werror=option-ignored -Werror=unused-command-line-argument -Wundef -DKBUILD_EXTRA_WARN1 
-std=gnu11 -fshort-wchar -funsigned-char -fno-common -fno-PIE -fno-strict-aliasing -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -fcf-protection=branch -fno-jump-tables -m64 -falign-loops=1 
-mno-80387 -mno-fp-ret-in-387 -mstack-alignment=8 -mskip-rax-setup -march=core2 -mno-red-zone -mcmodel=kernel -Wno-sign-compare -fno-asynchronous-unwind-tables -mretpoline-external-thunk 
-mindirect-branch-cs-prefix -mfunction-return=thunk-extern -fpatchable-function-entry=16,16 -fno-delete-null-pointer-checks -O2 -fstack-protector-strong -fomit-frame-pointer 
-ftrivial-auto-var-init=zero -fno-stack-clash-protection -falign-functions=16 -fstrict-flex-arrays=3 -fno-strict-overflow -fno-stack-check -Wall -Wundef -Werror=implicit-function-declaration 
-Werror=implicit-int -Werror=return-type -Werror=strict-prototypes -Wno-format-security -Wno-trigraphs -Wno-frame-address -Wno-address-of-packed-member -Wmissing-declarations -Wmissing-prototypes 
-Wframe-larger-than=2048 -Wno-gnu -Wvla -Wno-pointer-sign -Wcast-function-type -Wimplicit-fallthrough -Werror=date-time -Werror=incompatible-pointer-types -Wextra -Wunused -Wmissing-format-attribute 
-Wmissing-include-dirs -Wunused-const-variable -Wno-missing-field-initializers -Wno-type-limits -Wno-shift-negative-value -Wno-sign-compare -Wno-unused-parameter -g -gdwarf-4 
-fsanitize=kernel-address -mllvm -asan-mapping-offset=0xdffffc0000000000  -mllvm -asan-instrumentation-with-call-threshold=10000  -mllvm -asan-stack=1    -mllvm -asan-globals=1  -mllvm 
-asan-kernel-mem-intrinsic-prefix=1  -fsanitize=array-bounds -fsanitize=shift  -fsanitize=signed-integer-overflow  -fsanitize-coverage=trace-pc -fsanitize-coverage=trace-cmp 
-DKBUILD_MODFILE='"net/ipv4/route"' -DKBUILD_BASENAME='"route"' -DKBUILD_MODNAME='"route"' -D__KBUILD_MODNAME=kmod_route net/ipv4/route.c

Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ