INFO: task hung in do_ip_vs_set_ctl (2)

Hello, syzbot hit the following crash on upstream commit 3fd14cdcc05a682b03743683ce3a726898b20555 (Fri Apr 6 19:15:41 2018 +) Merge tag 'mtd/for-4.17' of git://git.infradead.org/linux-mtd syzbot dashboard link: https://syzkaller.appspot.com/bug?extid=7810ed2e0cb359580c17 Unfortunately, I

Re: [PATCH v2 net-next 03/13] net: Allow MSG_EOR in each msghdr of sendmmsg

On Mär 07 2016, Tom Herbert wrote: > This patch allows setting MSG_EOR in each individual msghdr passed > in sendmmsg. This allows a sendmmsg to send multiple messages when > using SOCK_SEQPACKET. This adds a new requirement to the interface of sendmmsg, namely that the

[PATCH v2 7/8] ipconfig: Write NTP server IPs to /proc/net/ntp

Distributed filesystems are most effective when the server and client clocks are synchronised. Embedded devices often use NFS for their root filesystem but typically do not contain an RTC, so the clocks of the NFS server and the embedded device will be out-of-sync when the root filesystem is

Re: [PATCH 0/8] ipconfig: NTP server support, bug fixes, documentation improvements

On 07/04/2018 17:29, David Miller wrote: > From: Chris Novakovic > Date: Sat, 7 Apr 2018 05:08:55 +0100 > >> This series (against net-next) makes various improvements to ipconfig: > > The net-next tree is closed at this time, please resubmit this series > when that tree

[PATCH v2 net] net: dsa: Discard frames from unused ports

The Marvell switches under some conditions will pass a frame to the host with the port being the CPU port. Such frames are invalid, and should be dropped. Not dropping them can result in a crash when incrementing the receive statistics for an invalid port. Reported-by: Chris Healy

Re: [RFC] ethtool: Support for driver private ioctl's

On 04/06/2018 06:51 AM, Jose Abreu wrote: > Hi Florian, > > On 05-04-2018 16:50, Florian Fainelli wrote: >> >> On 04/05/2018 03:47 AM, Jose Abreu wrote: >>> Hi All, >>> >>> I would like to know your opinion regarding adding support for >>> driver private ioctl's in ethtool. >>> >>> Background:

KMSAN: uninit-value in tipc_node_get_mtu

Hello, syzbot hit the following crash on https://github.com/google/kmsan.git/master commit e2ab7e8abba47a2f2698216258e5d8727ae58717 (Fri Apr 6 16:24:31 2018 +) kmsan: temporarily disable visitAsmInstruction() to help syzbot syzbot dashboard link:

Re: [PATCH v2 net] net: dsa: Discard frames from unused ports

On 04/07/2018 11:37 AM, Andrew Lunn wrote: > The Marvell switches under some conditions will pass a frame to the > host with the port being the CPU port. Such frames are invalid, and > should be dropped. Not dropping them can result in a crash when > incrementing the receive statistics for an

Re: [PATCH 0/8] ipconfig: NTP server support, bug fixes, documentation improvements

From: Chris Novakovic Date: Sat, 7 Apr 2018 05:08:55 +0100 > This series (against net-next) makes various improvements to ipconfig: The net-next tree is closed at this time, please resubmit this series when that tree opens up again. Thank you.

[PATCH v2 2/2] af_key: Use DIV_ROUND_UP() instead of open-coded equivalent

Several places use (x + 7) / 8 to convert from a number of bits to a number of bytes. Replace those with DIV_ROUND_UP(x, 8) instead, for consistency with other parts of the same file. Signed-off-by: Kevin Easton --- net/key/af_key.c | 13 +++-- 1 file changed, 7

[PATCH v2 0/2] af_key: Fix for sadb_key memcpy read overrun

As found by syzbot, af_key does not properly validate the key length in sadb_key messages from userspace. This can result in copying from beyond the end of the sadb_key part of the message, or indeed beyond the end of the entire packet. Both these patches apply cleanly to ipsec-next. Based on

Re: [PATCH 7/8] ipconfig: Write NTP server IPs to /proc/net/ntp

On 07/04/2018 05:09, Chris Novakovic wrote: > Distributed filesystems are most effective when the server and client > clocks are synchronised. Embedded devices often use NFS for their > root filesystem but typically do not contain an RTC, so the clocks of > the NFS server and the embedded device

[PATCH v2 1/2] af_key: Always verify length of provided sadb_key

Key extensions (struct sadb_key) include a user-specified number of key bits. The kernel uses that number to determine how much key data to copy out of the message in pfkey_msg2xfrm_state(). The length of the sadb_key message must be verified to be long enough, even in the case of

Re: [Patch net] net_sched: fix a missing idr_remove() in u32_delete_key()

On Fri, Apr 6, 2018 at 5:19 PM, Cong Wang wrote: > When we delete a u32 key via u32_delete_key(), we forget to > call idr_remove() to remove its handle from IDR. > > Fixes: e7614370d6f0 ("net_sched: use idr to allocate u32 filter handles") > Reported-by: Marcin Kabiesz

[PATCH] can: ti_hecc: fix close when napi poll is active

When closing this CAN interface while napi poll is active, for example with: `ip link set can0 down` several interfaces freeze. This seemed to be caused by napi_disable called from ti_hecc_close expecting the scheduled probe to either return quota or call napi_complete. Since the poll functions

[PATCH net 6/8] dccp: initialize ireq->ir_mark

syzbot reported an uninit-value read of skb->mark in iptable_mangle_hook() Thanks to the nice report, I tracked the problem to dccp not caring of ireq->ir_mark for passive sessions. BUG: KMSAN: uninit-value in ipt_mangle_out net/ipv4/netfilter/iptable_mangle.c:66 [inline] BUG: KMSAN:

[PATCH net 7/8] ipv4: fix uninit-value in ip_route_output_key_hash_rcu()

syzbot complained that res.type could be used while not initialized. Using RTN_UNSPEC as initial value seems better than using garbage. BUG: KMSAN: uninit-value in __mkroute_output net/ipv4/route.c:2200 [inline] BUG: KMSAN: uninit-value in ip_route_output_key_hash_rcu+0x31f0/0x3940

[PATCH net 8/8] soreuseport: initialise timewait reuseport field

syzbot reported an uninit-value in inet_csk_bind_conflict() [1] It turns out we never propagated sk->sk_reuseport into timewait socket. [1] BUG: KMSAN: uninit-value in inet_csk_bind_conflict+0x5f9/0x990 net/ipv4/inet_connection_sock.c:151 CPU: 1 PID: 3589 Comm: syzkaller008242 Not tainted

[PATCH net 5/8] net: fix uninit-value in __hw_addr_add_ex()

syzbot complained : BUG: KMSAN: uninit-value in memcmp+0x119/0x180 lib/string.c:861 CPU: 0 PID: 3 Comm: kworker/0:0 Not tainted 4.16.0+ #82 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: ipv6_addrconf addrconf_dad_work Call Trace:

[PATCH net 3/8] net: fix rtnh_ok()

syzbot reported : BUG: KMSAN: uninit-value in rtnh_ok include/net/nexthop.h:11 [inline] BUG: KMSAN: uninit-value in fib_count_nexthops net/ipv4/fib_semantics.c:469 [inline] BUG: KMSAN: uninit-value in fib_create_info+0x554/0x8d20 net/ipv4/fib_semantics.c:1091 @remaining is an integer, coming

[PATCH net 4/8] net: initialize skb->peeked when cloning

syzbot reported __skb_try_recv_from_queue() was using skb->peeked while it was potentially unitialized. We need to clear it in __skb_clone() Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Eric Dumazet Reported-by: syzbot ---

[PATCH net 1/8] crypto: af_alg - fix possible uninit-value in alg_bind()

syzbot reported : BUG: KMSAN: uninit-value in alg_bind+0xe3/0xd90 crypto/af_alg.c:162 We need to check addr_len before dereferencing sa (or uaddr) Fixes: bb30b8848c85 ("crypto: af_alg - whitelist mask and type") Signed-off-by: Eric Dumazet Reported-by: syzbot

[PATCH net 0/8] net: fix uninit-values in networking stack

It seems syzbot got new features enabled, and fired some interesting reports. Oh well. Eric Dumazet (8): crypto: af_alg - fix possible uninit-value in alg_bind() netlink: fix uninit-value in netlink_sendmsg net: fix rtnh_ok() net: initialize skb->peeked when cloning net: fix

[PATCH net 2/8] netlink: fix uninit-value in netlink_sendmsg

syzbot reported : BUG: KMSAN: uninit-value in ffs arch/x86/include/asm/bitops.h:432 [inline] BUG: KMSAN: uninit-value in netlink_sendmsg+0xb26/0x1310 net/netlink/af_netlink.c:1851 Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Eric Dumazet Reported-by: syzbot

[PATCH net] sctp: do not leak kernel memory to user space

syzbot produced a nice report [1] Issue here is that a recvmmsg() managed to leak 8 bytes of kernel memory to user space, because sin_zero (padding field) was not properly cleared. [1] BUG: KMSAN: uninit-value in copy_to_user include/linux/uaccess.h:184 [inline] BUG: KMSAN: uninit-value in

Re: KMSAN: uninit-value in tipc_node_get_mtu

syzbot has found reproducer for the following crash on https://github.com/google/kmsan.git/master commit e2ab7e8abba47a2f2698216258e5d8727ae58717 (Fri Apr 6 16:24:31 2018 +) kmsan: temporarily disable visitAsmInstruction() to help syzbot syzbot dashboard link:

wir bieten 2% Kredite

Sehr geehrte Damen und Herren, Sie brauchen Geld? Sie sind auf der suche nach einem Darlehnen? Seriös und unkompliziert? Dann sind Sie hier bei uns genau richtig. Durch unsere jahrelange Erfahrung und kompetente Beratung sind wir Europaweit tätig. Wir bieten jedem ein GÜNSTIGES Darlehnen zu TOP

business Proposal / Geschäftsvorschlag

I have a business Proposal for you, contact me directly This business has a cash involvement of $250,000,000.00 Anders Karlsson Ich habe einen Geschäftsvorschlag für Sie, kontaktieren Sie mich direkt Dieses Unternehmen hat eine Beteiligung von $ 250.000.000,00 - [] Anders Karlsson

Re: [PATCH net 0/8] net: fix uninit-values in networking stack

From: Eric Dumazet Date: Sat, 7 Apr 2018 13:42:35 -0700 > It seems syzbot got new features enabled, and fired some interesting > reports. Oh well. Series applied, however in patch #7 the condition syzbot detects cannot happen. In all code paths that lead to