Re: BUG() can be hit in tcp_collapse()

Hello, Eric, > Another sk_filter() is used in tcp v6. > So the correct patch would be : Thank you much for your research. I'm happy my report has resulted as the proposed patch. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer

BUG() can be hit in tcp_collapse()

while, I see that commit c9c3321257 just increases(?) an skb buffer(?) (which fixes hitting the BUG() for this exact reproducer), but does not fix the real reason (so another set of syscalls still may cause hitting the BUG()). This is why I'm emailing not only to stable@, but also to netdev@, asking to review

Re: BUG() can be hit in tcp_collapse()

" statement, unfortunately, this investigation was not completed at the time the patch was accepted upstream. And unfortunately I do not see other way to add this information except making notes in a comment in the related code, which seems weird. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer

[PATCH] xfrm: policy: check policy direction value

: 80c9abaabf42 ("[XFRM]: Extension for dynamic update of endpoint address(es)") Cc: <sta...@vger.kernel.org> # v2.6.21-rc1 Reported-by: "bo Zhang" <zhangbo5891...@gmail.com> Signed-off-by: Vladis Dronov <vdro...@redhat.com> --- net/xfrm/xfrm_policy.c | 6 ++

[PATCH v2 net] ipv4: Fix misplaced EXPORT_SYMBOL_GPL(ping_hash) in net/ipv4/ping.c

Signed-off-by: Vladis Dronov <vdro...@redhat.com> --- This is quite a smaill patch, please, feel free not to accept in separately, but use as a part of any patch of yours. net/ipv4/ping.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c

[PATCH] misplaced EXPORT_SYMBOL_GPL(ping_hash) in net/ipv4/ping.c

Move misplaced EXPORT_SYMBOL_GPL(ping_hash) to a proper place. Signed-off-by: Vladis Dronov <vdro...@redhat.com> --- Actually, this is so small and unimportant (it just hurts my perfectionism), so does not worth a separate patch. Please, feel free to make it a part of some patch of yours.

Re: KMSAN: uninit-value in memcmp (2)

6) to fix it. I hope I did not do much damage, reporting previous fix as a fix for this bug, as syzkaller will probably create another "KMSAN: uninit-value in <...>" report. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer - Original Message ---

Re: KMSAN: uninit-value in __dev_mc_add

/marc.info/?l=linux-netdev=153795423320016=2 A simplified reproducer is attached. Best regards, Vladis Dronov #define _GNU_SOURCE #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include

Re: KMSAN: uninit-value in __dev_mc_add

e something else which I do not see. Could anyone suggest an advice on this? Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer