Hi Florian, Pablo,

After the recent netfilter pull syzkaller in compat mode started failing with:

getsockopt(EBT_SO_GET_INIT_ENTRIES) (errno 22)

I think this is caused by:

commit 7d7d7e02111e9a4dc9d0658597f528f815d820fd
Author: Florian Westphal <f...@strlen.de>
Date:   Tue Feb 27 19:42:35 2018 +0100
    netfilter: compat: reject huge allocation requests

But I don't know if it's a problem with kernel or with our code (it
used to work before that commit, but this was the first netfilter code
that I ever wrote). Out code is here:

https://github.com/google/syzkaller/blob/676bd07e7e80f8a270af7f0276443c68f4a99e25/executor/common_linux.h#L1666

The idea behind checkpoint_ebtables() and reset_ebtables() is to reset
ebtables to initial state after each test (unfortunately, creating new
net namespaces is too damn expensive).

It does EBT_SO_GET_INIT_INFO and then EBT_SO_GET_INIT_ENTRIES to
memorize initial state. And EBT_SO_GET_INIT_ENTRIES started failing.
It fails on the first filter table, here is debug output:

checkpoint ebtable filter: entries=0 hooks=e size=144
getsockopt(EBT_SO_GET_INIT_ENTRIES) (errno 22)

I've added some debug output to kernel and I see that it's
xt_compat_init_offsets() that fails with EINVAL. What looks strange to
me is that EBT_SO_GET_INIT_INFO returns nentries==0 (while size==144).

Any insight will be appreciated. Is it something to fix in our code?

Also, what's the difference between EBT_SO_GET_INFO/ENTRIES and
EBT_SO_GET_INIT_INFO/ENTRIES? I guessed from the name that INIT is
what we want to use if we want to memorize initial state. Is it
correct?

Thanks
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to