lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: 
 <173473323379.3037384.4089610194127923528.git-patchwork-notify@kernel.org>
Date: Fri, 20 Dec 2024 22:20:33 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Levi Zim via B4 Relay <devnull+rsworktech.outlook.com@...nel.org>
Cc: john.fastabend@...il.com, jakub@...udflare.com, davem@...emloft.net,
 edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, horms@...nel.org,
 dsahern@...nel.org, netdev@...r.kernel.org, bpf@...r.kernel.org,
 linux-kernel@...r.kernel.org, rsworktech@...look.com
Subject: Re: [PATCH net 0/2] Fix NPE discovered by running bpf kselftest

Hello:

This series was applied to bpf/bpf.git (master)
by Daniel Borkmann <daniel@...earbox.net>:

On Sat, 30 Nov 2024 21:38:21 +0800 you wrote:
> I found that bpf kselftest sockhash::test_txmsg_cork_hangs in
> test_sockmap.c triggers a kernel NULL pointer dereference:
> 
> BUG: kernel NULL pointer dereference, address: 0000000000000008
>  ? __die_body+0x6e/0xb0
>  ? __die+0x8b/0xa0
>  ? page_fault_oops+0x358/0x3c0
>  ? local_clock+0x19/0x30
>  ? lock_release+0x11b/0x440
>  ? kernelmode_fixup_or_oops+0x54/0x60
>  ? __bad_area_nosemaphore+0x4f/0x210
>  ? mmap_read_unlock+0x13/0x30
>  ? bad_area_nosemaphore+0x16/0x20
>  ? do_user_addr_fault+0x6fd/0x740
>  ? prb_read_valid+0x1d/0x30
>  ? exc_page_fault+0x55/0xd0
>  ? asm_exc_page_fault+0x2b/0x30
>  ? splice_to_socket+0x52e/0x630
>  ? shmem_file_splice_read+0x2b1/0x310
>  direct_splice_actor+0x47/0x70
>  splice_direct_to_actor+0x133/0x300
>  ? do_splice_direct+0x90/0x90
>  do_splice_direct+0x64/0x90
>  ? __ia32_sys_tee+0x30/0x30
>  do_sendfile+0x214/0x300
>  __se_sys_sendfile64+0x8e/0xb0
>  __x64_sys_sendfile64+0x25/0x30
>  x64_sys_call+0xb82/0x2840
>  do_syscall_64+0x75/0x110
>  entry_SYSCALL_64_after_hwframe+0x4b/0x53
> 
> [...]

Here is the summary with links:
  - [net,1/2] skmsg: return copied bytes in sk_msg_memcopy_from_iter
    https://git.kernel.org/bpf/bpf/c/fdf478d236dc
  - [net,2/2] tcp_bpf: fix copied value in tcp_bpf_sendmsg
    https://git.kernel.org/bpf/bpf/c/5153a75ef34b

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ