mbox series

[v2,0/3] xfrm/compat: syzbot-found fixes

Message ID 20201102161447.1266001-1-dima@arista.com
Headers show
Series xfrm/compat: syzbot-found fixes | expand

Message

Dmitry Safonov Nov. 2, 2020, 4:14 p.m. UTC
v2: Added "Fixes" tags to the patches.

WARN_ON() for XFRMA_UNSPEC translation which likely no-one except
syzkaller uses; properly zerofy tail-padding for 64-bit attribute;
don't use __GFP_ZERO as the memory is initialized during translation.

Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Hillf Danton <hdanton@sina.com>
Cc: netdev@vger.kernel.org

Thanks,
         Dmitry

Dmitry Safonov (3):
  xfrm/compat: Translate by copying XFRMA_UNSPEC attribute
  xfrm/compat: memset(0) 64-bit padding at right place
  xfrm/compat: Don't allocate memory with __GFP_ZERO

 net/xfrm/xfrm_compat.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)


base-commit: 3cea11cd5e3b00d91caf0b4730194039b45c5891

Comments

Steffen Klassert Nov. 10, 2020, 6:35 a.m. UTC | #1
On Mon, Nov 02, 2020 at 04:14:44PM +0000, Dmitry Safonov wrote:
> v2: Added "Fixes" tags to the patches.
> 
> WARN_ON() for XFRMA_UNSPEC translation which likely no-one except
> syzkaller uses; properly zerofy tail-padding for 64-bit attribute;
> don't use __GFP_ZERO as the memory is initialized during translation.
> 
> Cc: Steffen Klassert <steffen.klassert@secunet.com>
> Cc: "David S. Miller" <davem@davemloft.net>
> Cc: Jakub Kicinski <kuba@kernel.org>
> Cc: Herbert Xu <herbert@gondor.apana.org.au>
> Cc: Hillf Danton <hdanton@sina.com>
> Cc: netdev@vger.kernel.org
> 
> Thanks,
>          Dmitry
> 
> Dmitry Safonov (3):
>   xfrm/compat: Translate by copying XFRMA_UNSPEC attribute
>   xfrm/compat: memset(0) 64-bit padding at right place
>   xfrm/compat: Don't allocate memory with __GFP_ZERO

Series applied, thanks a lot Dmitry!