Re: [RFC PATCH net] rxrpc: Fix missing dependency on NET_UDP_TUNNEL

quot;rxrpc: use udp tunnel APIs instead of open code in > rxrpc_open_socket") > Reported-by: kernel test robot > Suggested-by: Vadim Fedorenko > Signed-off-by: David Howells > cc: Xin Long > cc: a...@dev.mellanox.co.il > cc: Jakub Kicinski > --- > > net/rxrp

Re: KASAN: use-after-free Read in decode_session6

On Tue, Nov 3, 2020 at 9:14 PM Xin Long wrote: > > On Sun, Nov 1, 2020 at 1:40 PM syzbot > wrote: > > > > syzbot has bisected this issue to: > > > > commit bcd623d8e9fa5f82bbd8cd464dc418d24139157b > > Author: Xin Long > > Date: Thu Oct

Re: KASAN: use-after-free Read in decode_session6

On Sun, Nov 1, 2020 at 1:40 PM syzbot wrote: > > syzbot has bisected this issue to: > > commit bcd623d8e9fa5f82bbd8cd464dc418d24139157b > Author: Xin Long > Date: Thu Oct 29 07:05:05 2020 + > > sctp: call sk_setup_caps in sctp_packet_transmit instead &

Re: KASAN: use-after-free Read in tipc_mcast_xmit (2)

ada44d90 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1400746790 > > The issue was bisected to: > > commit ff48b6222e65ebdba5a403ef1deba6214e749193 > Author: Xin Long > Date: Sun Sep 13 11:37:31 2020 + > > tipc: use skb_unshare() instead in tipc_b

Re: WARNING: suspicious RCU usage in tipc_l2_send_msg

On Sat, Jun 27, 2020 at 1:25 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:b835a71e usbnet: smsc95xx: Fix use-after-free after removal > git tree: net > console output: https://syzkaller.appspot.com/x/log.txt?x=1095a51d10 > kernel config:

Re: net/tipc/udp_media.c:743: undefined reference to `ipv6_dev_find'

On Sun, Aug 16, 2020 at 4:32 PM kernel test robot wrote: > > Hi Xin, > > FYI, the error/warning still remains. > > tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git > master > head: 4b6c093e21d36bede0fd88fd0aeb3b03647260e4 > commit:

Re: net/tipc/udp_media.c:743: undefined reference to `ipv6_dev_find'

On Wed, Aug 12, 2020 at 7:21 AM kernel test robot wrote: > > tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git > master > head: c636eef2ee3696f261a35f34989842701a107895 > commit: 5a6f6f579178dbeb33002d93b4f646c31348fac9 tipc: set ub->ifindex for > local ipv6 address >

Re: [PATCH net-next] ip_vti: Fix unused variable warning

"ip_vti: not register vti_ipip_handler twice") Acked-by: Xin Long > --- > net/ipv4/ip_vti.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c > index 49daaed89764..f687abb069fa 100644 > --- a/net/ipv4/ip_vti.c > +++

Re: WARNING in xfrm_policy_insert

On Mon, Jul 27, 2020 at 4:11 AM syzbot wrote: > > syzbot suspects this issue was fixed by commit: > > commit ed17b8d377eaf6b4a01d46942b4c647378a79bdd > Author: Xin Long > Date: Mon May 25 05:53:37 2020 + > > xfrm: fix a warning in xfrm_policy_insert_list &

Re: KASAN: slab-out-of-bounds Read in __xfrm6_tunnel_spi_lookup

Hi, Steffen, I've confirmed the patchset I posted yesterday would fix this: [PATCH ipsec-next 0/3] xfrm: not register one xfrm(6)_tunnel object twice Thanks. On Tue, Jul 14, 2020 at 5:37 PM Steffen Klassert wrote: > > Xin, > > this looks a bit like it was introduced with one of your recent >

Re: KASAN: slab-out-of-bounds Read in __xfrm6_tunnel_spi_lookup

On Tue, Jul 14, 2020 at 5:37 PM Steffen Klassert wrote: > > Xin, > > this looks a bit like it was introduced with one of your recent > patches. Can you please look into that? Yes, I'm looking into it. Thanks. > > Thanks! > > On Mon, Jul 13, 2020 at 03:04:16PM -0700, syzbot wrote: > > Hello, > >

Re: Strange problem with SCTP+IPv6

22 June 2020 19:33 > >>>>>> On Mon, Jun 22, 2020 at 08:01:24PM +0200, Michael Tuexen wrote: > >>>>>>>> On 22. Jun 2020, at 18:57, Corey Minyard wrote: > >>>>>>>> > >>>>>>>> On Mon, Jun 22,

Re: Strange problem with SCTP+IPv6

On Wed, Jun 24, 2020 at 12:00 AM Corey Minyard wrote: > > On Tue, Jun 23, 2020 at 11:40:21PM +0800, Xin Long wrote: > > On Tue, Jun 23, 2020 at 9:29 PM Corey Minyard wrote: > > > > > > On Tue, Jun 23, 2020 at 06:13:30PM +0800, Xin Long wrote: > > > &g

Re: Strange problem with SCTP+IPv6

On Tue, Jun 23, 2020 at 9:29 PM Corey Minyard wrote: > > On Tue, Jun 23, 2020 at 06:13:30PM +0800, Xin Long wrote: > > On Tue, Jun 23, 2020 at 2:34 AM Michael Tuexen > > wrote: > > > > > > > On 22. Jun 2020, at 20:32, Marcelo Ricardo Leitner > > >

Re: Strange problem with SCTP+IPv6

t;>> > >>> On Mon, Jun 22, 2020 at 08:01:23PM +0800, Xin Long wrote: > >>>> On Sun, Jun 21, 2020 at 11:56 PM Corey Minyard wrote: > >>>>> > >>>>> I've stumbled upon a strange problem with SCTP and IPv6. If I create an > >&g

Re: Strange problem with SCTP+IPv6

On Sun, Jun 21, 2020 at 11:56 PM Corey Minyard wrote: > > I've stumbled upon a strange problem with SCTP and IPv6. If I create an > sctp listening socket on :: and set the IPV6_V6ONLY socket option on it, > then I make a connection to it using ::1, the connection will drop after > 2.5 seconds

Re: [PATCH v2] sctp: check assoc before SCTP_ADDR_{MADE_PRIM,ADDED} event

ddress that is > part of an existing association has experienced a change of > state (e.g., a failure or return to service of the reachability > of an endpoint via a specific transport address). > > Signed-off-by: Jonas Falkevik Reviewed-by: Xin Long > --- > Changes in v2: >

Re: [PATCH] sctp: check assoc before SCTP_ADDR_{MADE_PRIM,ADDED} event

On Mon, May 25, 2020 at 9:10 PM Marcelo Ricardo Leitner wrote: > > On Mon, May 25, 2020 at 04:42:16PM +0800, Xin Long wrote: > > On Sat, May 23, 2020 at 8:04 PM Jonas Falkevik > > wrote: > > > > > > On Tue, May 19, 2020 at 10:42 PM Marcelo Ricardo Leitner

Re: [PATCH] sctp: check assoc before SCTP_ADDR_{MADE_PRIM,ADDED} event

On Sat, May 23, 2020 at 8:04 PM Jonas Falkevik wrote: > > On Tue, May 19, 2020 at 10:42 PM Marcelo Ricardo Leitner > wrote: > > > > On Fri, May 15, 2020 at 10:30:29AM +0200, Jonas Falkevik wrote: > > > On Wed, May 13, 2020 at 11:32 PM Marcelo Ricardo Leitner > > > wrote: > > > > > > > > On Wed,

Re: [PATCH v2] xfrm: policy: Fix xfrm policy match

On Fri, May 22, 2020 at 8:39 PM Yuehaibing wrote: > > On 2020/5/22 13:49, Xin Long wrote: > > On Fri, May 22, 2020 at 9:45 AM Yuehaibing wrote: > >> > >> On 2020/5/21 14:49, Xin Long wrote: > >>> On Tue, May 19, 2020 at 4:53 PM Steffen Klassert > &

Re: [PATCH v2] xfrm: policy: Fix xfrm policy match

On Fri, May 22, 2020 at 9:45 AM Yuehaibing wrote: > > On 2020/5/21 14:49, Xin Long wrote: > > On Tue, May 19, 2020 at 4:53 PM Steffen Klassert > > wrote: > >> > >> On Fri, May 15, 2020 at 04:39:57PM +0800, Yuehaibing wrote: > >>> > >&

Re: [PATCH v2] xfrm: policy: Fix xfrm policy match

On Tue, May 19, 2020 at 4:53 PM Steffen Klassert wrote: > > On Fri, May 15, 2020 at 04:39:57PM +0800, Yuehaibing wrote: > > > > Friendly ping... > > > > Any plan for this issue? > > There was still no consensus between you and Xin on how > to fix this issue. Once this happens, I consider applying

Re: memory leak in sctp_get_port_local (3)

On Mon, Oct 14, 2019 at 10:50 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:da940012 Merge tag 'char-misc-5.4-rc3' of git://git.kernel.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=11c87fc760 > kernel

Re: net/dst_cache.c: preemption bug in net/dst_cache.c

On Fri, Aug 23, 2019 at 3:58 PM Bharath Vedartham wrote: > > Hi all, > > I just want to bring attention to the syzbot bug [1] > > Even though syzbot claims the bug to be in net/tipc, I feel it is in > net/dst_cache.c. Please correct me if I am wrong. > > This bug is being triggered a lot of times

Re: KASAN: slab-out-of-bounds Read in sctp_inq_pop

On Tue, Aug 27, 2019 at 1:15 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:9733a7c6 Add linux-next specific files for 20190823 > git tree: linux-next > console output: https://syzkaller.appspot.com/x/log.txt?x=143ec11e60 > kernel config:

Re: kernel BUG at include/linux/skbuff.h:LINE! (2)

On Mon, Aug 19, 2019 at 10:44 PM Xin Long wrote: > > On Sun, Aug 18, 2019 at 10:13 PM Dmitry Vyukov wrote: > > > > On Sun, Aug 18, 2019 at 7:07 AM Xin Long wrote: > > > > > > On Sat, Aug 17, 2019 at 2:38 AM syzbot > > > wrote: > > > >

Re: kernel BUG at include/linux/skbuff.h:LINE! (2)

On Sun, Aug 18, 2019 at 10:13 PM Dmitry Vyukov wrote: > > On Sun, Aug 18, 2019 at 7:07 AM Xin Long wrote: > > > > On Sat, Aug 17, 2019 at 2:38 AM syzbot > > wrote: > > > > > > Hello, > > > > > > syzbot found the following crash on:

Re: kernel BUG at include/linux/skbuff.h:LINE! (2)

On Sat, Aug 17, 2019 at 2:38 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:459c5fb4 Merge branch 'mscc-PTP-support' > git tree: net-next > console output: https://syzkaller.appspot.com/x/log.txt?x=13f2d33c60 > kernel config:

Re: memory leak in sctp_get_port_local (2)

reate net/sctp/socket.c:8374 [inline] > [<ff3ccf22>] sctp_get_port_local+0x189/0x5b0 > net/sctp/socket.c:8121 > [<eed41612>] sctp_do_bind+0xcc/0x1e0 net/sctp/socket.c:402 > [<2bf65239>] sctp_bind+0x44/0x70 net/sctp/socket.c:30

Re: [PATCH 4.14 43/43] tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb

hav a problem with 4.19.y? How about 5.2.y? If not, can > > you do 'git bisect' to find the patch that fixes the issue? > > > > thanks, > > > > greg k-h > > Hi, please pick this to 4.14.y and 4.19.y, tested that it fixes the > crash in both: > > commi

Re: [PATCH] net: sctp: fix memory leak in sctp_send_reset_streams

On Sun, Jun 2, 2019 at 9:36 PM Xin Long wrote: > > On Sun, Jun 2, 2019 at 6:52 PM Neil Horman wrote: > > > > On Sun, Jun 02, 2019 at 11:44:29AM +0800, Hillf Danton wrote: > > > > > > syzbot found the following crash on: > > > > > > HEAD com

Re: general protection fault in sctp_sched_prio_sched

> +++ b/net/sctp/stream.c > @@ -153,13 +153,20 @@ int sctp_stream_init(struct sctp_stream *stream, __u16 > outcnt, __u16 incnt, > int sctp_stream_init_ext(struct sctp_stream *stream, __u16 sid) > { > struct sctp_stream_out_ext *soute; > + int ret; > > soute = kzalloc(sizeof(*soute), GFP_KERNEL); > if (!soute) > return -ENOMEM; > SCTP_SO(stream, sid)->ext = soute; > > - return sctp_sched_init_sid(stream, sid, GFP_KERNEL); > + ret = sctp_sched_init_sid(stream, sid, GFP_KERNEL); > + if (ret) { > + kfree(SCTP_SO(stream, sid)->ext); > + SCTP_SO(stream, sid)->ext = NULL; > + } > + > + return ret; > } > > void sctp_stream_free(struct sctp_stream *stream) > Tested-by: Xin Long Hi, Marcelo, please feel free to move forward with this patch, :-)

Re: memory leak in sctp_get_port_local

On Wed, May 29, 2019 at 2:28 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:cd6c84d8 Linux 5.2-rc2 > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=101a184aa0 > kernel config:

Re: memory leak in sctp_v4_create_accept_sk

On Mon, Jun 24, 2019 at 3:28 PM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:abf02e29 Merge tag 'pm-5.2-rc6' of git://git.kernel.org/pu.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=13470eb2a0 > kernel config:

Re: KASAN: user-memory-access Read in ip6_hold_safe (3)

9/06/01 15:51 bpf-next 0462eaac > > Since it happens a dozen of times per day, most likely it was > introduced into net-next around dfb569f2 (syzbot should do new builds > every ~12h, minus broken trees). I think all these pcpu memory corruptions can be marked as Fixed-by: commit c3bcde026684c62d7a2b6f626dc7cf763833875c Author: Xin Long Date: Mon Jun 17 21:34:15 2019 +0800 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb

Re: KMSAN: uninit-value in tipc_nl_compat_bearer_disable

On Wed, Jun 19, 2019 at 11:48 PM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:f75e4cfe kmsan: use kmsan_handle_urb() in urb.c > git tree: kmsan > console output: https://syzkaller.appspot.com/x/log.txt?x=13d0a6fea0 > kernel config:

Re: memory leak in tipc_buf_acquire

On Sat, May 25, 2019 at 5:18 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:4dde821e Merge tag 'xfs-5.2-fixes-1' of git://git.kernel.o.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=107db73aa0 > kernel config:

Re: memory leak in sctp_stream_init_ext

On Fri, May 31, 2019 at 10:59 PM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:bec7550c Merge tag 'docs-5.2-fixes2' of git://git.lwn.net/.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=152a0916a0 > kernel

Re: [PATCH] ipvlan: Don't propagate IFF_ALLMULTI changes on down interfaces.

On Mon, Jun 3, 2019 at 11:22 AM Young Xiao <92siuy...@gmail.com> wrote: > > Clearing the IFF_ALLMULTI flag on a down interface could cause an allmulti > overflow on the underlying interface. > > Attempting the set IFF_ALLMULTI on the underlying interface would cause an > error and the log message:

Re: [PATCH] net: sctp: fix memory leak in sctp_send_reset_streams

/0xa9 > > > > > > It was introduced in commit d570a59c5b5f ("sctp: only allow the out stream > > reset when the stream outq is empty"), in orde to check stream outqs before > > sending SCTP_STRRESET_IN_PROGRESS back to the peer of the stream. EAGAIN is > >

Re: general protection fault in fib6_purge_rt

On Thu, Mar 21, 2019 at 12:54 AM Jon Maloy wrote: > > > > > -Original Message- > > From: Dmitry Vyukov > > Sent: 20-Mar-19 17:41 > > To: Jon Maloy > > Cc: syzbot ; > > da...@davemloft.net; kuz...@ms2.inr.ac.ru; linux- > > ker...@vger.kernel.org; net...@vger.kernel.org; syzkaller- > >

Re: general protection fault in sctp_sched_rr_dequeue

On Wed, Mar 6, 2019 at 9:42 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:63bdf4284c38 Merge branch 'linus' of git://git.kernel.org/.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=100347cb20 > kernel config:

Re: [PATCH net] sctp: get sctphdr by offset in sctp_compute_cksum

On Tue, Feb 26, 2019 at 8:29 PM Neil Horman wrote: > > On Tue, Feb 26, 2019 at 12:15:54AM +0800, Xin Long wrote: > > On Mon, Feb 25, 2019 at 10:08 PM Neil Horman wrote: > > > > > > On Mon, Feb 25, 2019 at 09:20:44PM +0800, Xin Long wrote: > > > > O

Re: [PATCH net] sctp: get sctphdr by offset in sctp_compute_cksum

On Mon, Feb 25, 2019 at 10:08 PM Neil Horman wrote: > > On Mon, Feb 25, 2019 at 09:20:44PM +0800, Xin Long wrote: > > On Mon, Feb 25, 2019 at 8:47 PM Neil Horman wrote: > > > > > > On Mon, Feb 25, 2019 at 07:25:37PM +0800, Xin Long wrote: > > &

Re: [PATCH net] sctp: get sctphdr by offset in sctp_compute_cksum

On Mon, Feb 25, 2019 at 8:47 PM Neil Horman wrote: > > On Mon, Feb 25, 2019 at 07:25:37PM +0800, Xin Long wrote: > > sctp_hdr(skb) only works when skb->transport_header is set properly. > > > > But in the path of nf_conntrack_in: sctp_packet() -> sctp_error()

[PATCH net] sctp: get sctphdr by offset in sctp_compute_cksum

ng offset, which is always right in all places. Fixes: e6d8b64b34aa ("net: sctp: fix and consolidate SCTP checksumming code") Reported-by: Li Shuang Signed-off-by: Xin Long --- include/net/sctp/checksum.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/net/sctp/c

Re: KASAN: use-after-free Read in sctp_outq_tail

On Thu, Feb 14, 2019 at 10:39 PM Marcelo Ricardo Leitner wrote: > > On Thu, Feb 14, 2019 at 12:17:45PM -0200, Marcelo Ricardo Leitner wrote: > > On Thu, Feb 14, 2019 at 10:03:30PM +0800, Xin Long wrote: > > > On Wed, Feb 13, 2019 at 9:52 PM Marcelo Ricardo

Re: KASAN: use-after-free Read in sctp_outq_tail

On Wed, Feb 13, 2019 at 9:52 PM Marcelo Ricardo Leitner wrote: > > On Wed, Feb 13, 2019 at 12:35:56PM +0800, Xin Long wrote: > > On Wed, Feb 13, 2019 at 4:00 AM syzbot > > wrote: > > > > > > Hello, > > > > > > syzbot found the following

Re: KASAN: use-after-free Read in sctp_outq_tail

On Wed, Feb 13, 2019 at 4:00 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:d4104460aec1 Add linux-next specific files for 20190211 > git tree: linux-next > console output: https://syzkaller.appspot.com/x/log.txt?x=14140124c0 > kernel config:

[PATCH net] sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate

m scheduler foundations") Reported-by: syzbot+58e480e7b28f2d890...@syzkaller.appspotmail.com Signed-off-by: Xin Long --- net/sctp/stream.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/sctp/stream.c b/net/sctp/stream.c index f246331..2936ed1 100644 --- a/net/sctp/stream.

[PATCH net] sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment

_checksum() when computing checksum in sctp_gso_segment. Reported-by: Jianlin Shi Signed-off-by: Xin Long --- net/sctp/offload.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/sctp/offload.c b/net/sctp/offload.c index 123e9f2..edfcf16 100644 --- a/net/sctp/offload.c +++ b/net/sctp/

Re: KASAN: invalid-free in sctp_stream_free

On Tue, Feb 5, 2019 at 1:21 AM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:dc4c89997735 Add linux-next specific files for 20190201 > git tree: linux-next > console output: https://syzkaller.appspot.com/x/log.txt?x=17eb3dc4c0 > kernel config:

[PATCHv3 net] sctp: check and update stream->out_curr when allocating stream_out

Reported-by: Ying Xu Reported-by: syzbot+e33a3a138267ca119...@syzkaller.appspotmail.com Signed-off-by: Xin Long --- net/sctp/stream.c | 20 1 file changed, 20 insertions(+) diff --git a/net/sctp/stream.c b/net/sctp/stream.c index 80e0ae5..f246331 100644 --- a/net/sctp/stream.c +

[PATCH net] sctp: set flow sport from saddr only when it's 0

setting flow sport from saddr only when it's 0 in sctp_v4/6_get_dst(). Fixes: 6e91b578bf3f ("sctp: re-use sctp_transport_pmtu in sctp_transport_route") Reported-by: Ying Xu Signed-off-by: Xin Long --- net/sctp/ipv6.c | 3 ++- net/sctp/protocol.c | 3 ++- 2 files changed, 4 insertion

[PATCH net] sctp: set chunk transport correctly when it's a new asoc

transport's asoc. This patch is to fix it by setting 'retval' transport correctly which belongs to the right asoc in sctp_make_init_ack() and sctp_sf_do_5_1D_ce(). Fixes: b9fd683982c9 ("sctp: add sctp_packet_singleton") Reported-by: Ying Xu Signed-off-by: Xin Long --- net/sctp/sm_make_c

[PATCH net] sctp: improve the events for sctp stream adding

res for the Add Incoming Streams Request Parameter") Reported-by: Ying Xu Signed-off-by: Xin Long --- net/sctp/stream.c | 19 --- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/net/sctp/stream.c b/net/sctp/stream.c index 6c188b0..80e0ae5 100644 --- a/net/sctp/str

[PATCH net] sctp: improve the events for sctp stream reset

sctp: implement receiver-side procedures for the Incoming SSN Reset Request Parameter") Fixes: 11ae76e67a17 ("sctp: implement receiver-side procedures for the Reconf Response Parameter") Reported-by: Ying Xu Signed-off-by: Xin Long --- net/sctp/stream.c | 39 +

[PATCH net] sctp: allocate sctp_sockaddr_entry with kzalloc

in sctp_v4/6_copy_addrlist(). Reported-by: Alexander Potapenko Signed-off-by: Xin Long --- net/sctp/ipv6.c | 5 + net/sctp/protocol.c | 4 +--- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index b9ed271..ed8e006 100644 --- a/net/sctp/ipv6.c

[PATCH net] erspan: build the header with the right proto according to erspan_ver

pan_xmit() according to erspan_ver. While at it, also remove the unused parameter 'proto' in erspan_fb_xmit(). Fixes: 94d7d8f29287 ("ip6_gre: add erspan v2 support") Reported-by: Jianlin Shi Signed-off-by: Xin Long --- net/ipv4/ip_gre.c | 23 ++- net/ipv6/ip6_gre.c |

Re: KMSAN: kernel-infoleak in sctp_getsockopt

On Mon, Jan 14, 2019 at 5:34 PM Alexander Potapenko wrote: > > On Mon, Dec 10, 2018 at 9:56 AM Xin Long wrote: > > > > On Thu, Dec 6, 2018 at 8:08 PM Marcelo Ricardo Leitner > > wrote: > > > > > > On Thu, Dec 06, 2018 at 11:36:08AM +0100, Alexander Po

Re: [PATCH 6/6] Drop flex_arrays

On Sat, Sep 8, 2018 at 1:57 AM Kent Overstreet wrote: > > All existing users have been converted to generic radix trees NAK, SCTP is still using flex_arrays, # grep flex_array net/sctp/* This patch will break the build. > > Signed-off-by: Kent Overstreet > Acked-by: Dave Hansen > --- >

[PATCH net] sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event

e28...@syzkaller.appspotmail.com Signed-off-by: Xin Long --- net/sctp/ipv6.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index fc6c5e4..7f0539d 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -101,6 +101,7 @@ static int sctp_inet6addr_event(str

Re: KMSAN: kernel-infoleak in sctp_getsockopt

On Thu, Dec 6, 2018 at 8:08 PM Marcelo Ricardo Leitner wrote: > > On Thu, Dec 06, 2018 at 11:36:08AM +0100, Alexander Potapenko wrote: > > On Wed, Dec 5, 2018 at 8:31 PM syzbot > > wrote: > > > > > > Hello, > > > > > > syzbot found the following crash on: > > > > > > HEAD commit:fffec98ae2a6

[PATCHv2 net 3/3] sctp: fa_resize sctp stream instead of redo fa_alloc

lex_array_clear() and flex_array_shrink() are called to free the unused memory before shrinking. Fixes: 5e32a431 ("sctp: introduce stream scheduler foundations") Reported-by: Ying Xu Reported-by: syzbot+e33a3a138267ca119...@syzkaller.appspotmail.com Suggested-by: Neil Horman Signe

[PATCHv2 net 2/3] flex_array: support flex_array_resize

-by: Neil Horman Signed-off-by: Xin Long Acked-by: Neil Horman --- include/linux/flex_array.h | 11 + lib/flex_array.c | 58 ++ 2 files changed, 69 insertions(+) diff --git a/include/linux/flex_array.h b/include/linux/flex_array.h

[PATCHv2 net 0/3] net: add support for flex_array_resize in flex_array

memory so far. v1->v2: Cc LKML and more developers. Xin Long (3): flex_array: make FLEX_ARRAY_BASE_SIZE the same value of FLEX_ARRAY_PART_SIZE flex_array: support flex_array_resize sctp: fa_resize sctp stream instead of redo fa_alloc include/linux/flex_array.h |

[PATCHv2 net 1/3] flex_array: make FLEX_ARRAY_BASE_SIZE the same value of FLEX_ARRAY_PART_SIZE

in the next patch. Suggested-by: Neil Horman Signed-off-by: Xin Long Acked-by: Neil Horman --- include/linux/flex_array.h | 29 + lib/flex_array.c | 15 --- 2 files changed, 21 insertions(+), 23 deletions(-) diff --git a/include/linux

Re: KASAN: use-after-free Read in __lock_sock

On Sat, Nov 17, 2018 at 4:18 PM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:ccda4af0f4b9 Linux 4.20-rc2 > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=156cd53340 > kernel config:

Re: KASAN: use-after-free Read in __lock_sock

On Sat, Nov 17, 2018 at 4:18 PM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:ccda4af0f4b9 Linux 4.20-rc2 > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=156cd53340 > kernel config:

Re: KASAN: use-after-free Read in sctp_epaddr_lookup_transport

port+0xacb/0xb20 > net/sctp/input.c:971 > Read of size 8 at addr 8881cde426b0 by task syz-executor3/18110 > The same fix is needed in sctp_epaddr_lookup_transport() as: commit bab1be79a5169ac748d8292b20c86d874022d7ba Author: Xin Long Date: Mon Aug 27 18:38:31

Re: KASAN: use-after-free Read in sctp_epaddr_lookup_transport

port+0xacb/0xb20 > net/sctp/input.c:971 > Read of size 8 at addr 8881cde426b0 by task syz-executor3/18110 > The same fix is needed in sctp_epaddr_lookup_transport() as: commit bab1be79a5169ac748d8292b20c86d874022d7ba Author: Xin Long Date: Mon Aug 27 18:38:31

Re: KASAN: use-after-free Read in sctp_hash_transport

ad8_noabort+0x14/0x20 mm/kasan/report.c:433 > sctp_hash_transport+0x803/0x810 net/sctp/input.c:958 Caused by: commit cd2b708750582e327789d8fb07c6eb5f79f7759f Author: Xin Long Date: Fri Feb 17 16:35:24 2017 +0800 sctp: check duplicate node before inserting a new transport A same fix is

Re: KASAN: use-after-free Read in sctp_hash_transport

ad8_noabort+0x14/0x20 mm/kasan/report.c:433 > sctp_hash_transport+0x803/0x810 net/sctp/input.c:958 Caused by: commit cd2b708750582e327789d8fb07c6eb5f79f7759f Author: Xin Long Date: Fri Feb 17 16:35:24 2017 +0800 sctp: check duplicate node before inserting a new transport A same fix is

Re: perf script doesn't dump a normal call trace

On Mon, Nov 5, 2018 at 5:49 PM Jiri Olsa wrote: > > On Mon, Nov 05, 2018 at 03:20:15PM +0900, Xin Long wrote: > > SNIP > > > > > > [root@ibm-x3650m4-02 perf]# ./perf probe 'consume_skb' > > > > > [root@ibm-x3650m4-02 perf]# ./perf reco

Re: perf script doesn't dump a normal call trace

On Mon, Nov 5, 2018 at 5:49 PM Jiri Olsa wrote: > > On Mon, Nov 05, 2018 at 03:20:15PM +0900, Xin Long wrote: > > SNIP > > > > > > [root@ibm-x3650m4-02 perf]# ./perf probe 'consume_skb' > > > > > [root@ibm-x3650m4-02 perf]# ./perf reco

Re: perf script doesn't dump a normal call trace

On Mon, Nov 5, 2018 at 4:18 AM Jiri Olsa wrote: > > On Sat, Nov 03, 2018 at 06:36:21PM +0900, Xin Long wrote: > > On Fri, Nov 2, 2018 at 7:26 PM Jiri Olsa wrote: > > > > > > On Fri, Nov 02, 2018 at 03:36:13PM +0900, Xin Long wrote: > > > > On ups

Re: perf script doesn't dump a normal call trace

On Mon, Nov 5, 2018 at 4:18 AM Jiri Olsa wrote: > > On Sat, Nov 03, 2018 at 06:36:21PM +0900, Xin Long wrote: > > On Fri, Nov 2, 2018 at 7:26 PM Jiri Olsa wrote: > > > > > > On Fri, Nov 02, 2018 at 03:36:13PM +0900, Xin Long wrote: > > > > On ups

Re: perf script doesn't dump a normal call trace

On Fri, Nov 2, 2018 at 7:26 PM Jiri Olsa wrote: > > On Fri, Nov 02, 2018 at 03:36:13PM +0900, Xin Long wrote: > > On upstream kernel(4.19) or RHEL-8 kernel(4.18.0): > > > > # perf record -e 'skb:consume_skb' -ag > > ^C[ perf record: Woken up 1 times to write data

Re: perf script doesn't dump a normal call trace

On Fri, Nov 2, 2018 at 7:26 PM Jiri Olsa wrote: > > On Fri, Nov 02, 2018 at 03:36:13PM +0900, Xin Long wrote: > > On upstream kernel(4.19) or RHEL-8 kernel(4.18.0): > > > > # perf record -e 'skb:consume_skb' -ag > > ^C[ perf record: Woken up 1 times to write data

perf script doesn't dump a normal call trace

On upstream kernel(4.19) or RHEL-8 kernel(4.18.0): # perf record -e 'skb:consume_skb' -ag ^C[ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.612 MB perf.data (634 samples) ] # perf script swapper 0 [009] 274370.117711: skb:consume_skb:

perf script doesn't dump a normal call trace

On upstream kernel(4.19) or RHEL-8 kernel(4.18.0): # perf record -e 'skb:consume_skb' -ag ^C[ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.612 MB perf.data (634 samples) ] # perf script swapper 0 [009] 274370.117711: skb:consume_skb:

Re: net/sctp/socket.c:2681:6-11: ERROR: invalid reference to the index variable of the iterator on line 2661 (fwd)

; Subject: net/sctp/socket.c:2681:6-11: ERROR: invalid reference to the index > variable of the iterator on line 2661 > > CC: kbuild-...@01.org > CC: linux-kernel@vger.kernel.org > TO: Xin Long > > tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git &g

Re: net/sctp/socket.c:2681:6-11: ERROR: invalid reference to the index variable of the iterator on line 2661 (fwd)

; Subject: net/sctp/socket.c:2681:6-11: ERROR: invalid reference to the index > variable of the iterator on line 2661 > > CC: kbuild-...@01.org > CC: linux-kernel@vger.kernel.org > TO: Xin Long > > tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git &g

Re: INFO: rcu detected stall in corrupted

nline] >> sctp_do_sm+0x596/0x7160 net/sctp/sm_sideeffect.c:1191 >> sctp_generate_heartbeat_event+0x218/0x450 net/sctp/sm_sideeffect.c:406 >> call_timer_fn+0x230/0x940 kernel/time/timer.c:1326 >> >> >> Some kind of infinite loop. >> >&

Re: INFO: rcu detected stall in corrupted

ate_heartbeat_event+0x218/0x450 net/sctp/sm_sideeffect.c:406 >> call_timer_fn+0x230/0x940 kernel/time/timer.c:1326 >> >> >> Some kind of infinite loop. >> >> When the hrtimer fires, it can point to any code that sits below but does >> not necessarily have a bug

Re: INFO: rcu detected stall in is_bpf_text_address

On Sat, May 19, 2018 at 11:57 PM, Eric Dumazet wrote: > SCTP experts, please take a look. > > On 05/19/2018 08:55 AM, syzbot wrote: >> Hello, >> >> syzbot found the following crash on: >> >> HEAD commit:73fcb1a370c7 Merge branch 'akpm' (patches from Andrew) >> git

Re: INFO: rcu detected stall in is_bpf_text_address

On Sat, May 19, 2018 at 11:57 PM, Eric Dumazet wrote: > SCTP experts, please take a look. > > On 05/19/2018 08:55 AM, syzbot wrote: >> Hello, >> >> syzbot found the following crash on: >> >> HEAD commit:73fcb1a370c7 Merge branch 'akpm' (patches from Andrew) >> git tree: upstream >>

Re: INFO: rcu detected stall in sctp_packet_transmit

On Wed, May 16, 2018 at 6:53 PM, Dmitry Vyukov <dvyu...@google.com> wrote: > On Wed, May 16, 2018 at 12:44 PM, Xin Long <lucien@gmail.com> wrote: >> On Wed, May 16, 2018 at 4:11 PM, syzbot >> <syzbot+ff0b569fb5111dcd1...@syzkaller.appspotmail.com> wrote

Re: INFO: rcu detected stall in sctp_packet_transmit

On Wed, May 16, 2018 at 6:53 PM, Dmitry Vyukov wrote: > On Wed, May 16, 2018 at 12:44 PM, Xin Long wrote: >> On Wed, May 16, 2018 at 4:11 PM, syzbot >> wrote: >>> Hello, >>> >>> syzbot found the following crash on: >>> >>> HEAD commit:

Re: INFO: rcu detected stall in sctp_packet_transmit

On Wed, May 16, 2018 at 4:11 PM, syzbot wrote: > Hello, > > syzbot found the following crash on: > > HEAD commit:961423f9fcbc Merge branch 'sctp-Introduce-sctp_flush_ctx' > git tree: net-next > console output:

Re: INFO: rcu detected stall in sctp_packet_transmit

On Wed, May 16, 2018 at 4:11 PM, syzbot wrote: > Hello, > > syzbot found the following crash on: > > HEAD commit:961423f9fcbc Merge branch 'sctp-Introduce-sctp_flush_ctx' > git tree: net-next > console output: https://syzkaller.appspot.com/x/log.txt?x=1366aea780 > kernel config:

Re: KMSAN: uninit-value in __sctp_v6_cmp_addr

v6.c:580 Pls check if the testing kernel has this commit: commit d625329b06e46bd20baf9ee40847d11982569204 Author: Xin Long <lucien@gmail.com> Date: Thu Apr 26 14:13:57 2018 +0800 sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr Thanks. > sctp_inet6_cmp_addr+0x3dc/0x4

Re: KMSAN: uninit-value in __sctp_v6_cmp_addr

dump_stack.c:77 [inline] > dump_stack+0x185/0x1d0 lib/dump_stack.c:113 > kmsan_report+0x142/0x240 mm/kmsan/kmsan.c:1067 > __msan_warning_32+0x6c/0xb0 mm/kmsan/kmsan_instr.c:683 > __sctp_v6_cmp_addr+0x49a/0x850 net/sctp/ipv6.c:580 Pls check if the testing kernel has this commit: commi

Re: INFO: rcu detected stall in kfree_skbmem

On Mon, May 14, 2018 at 9:34 PM, Neil Horman wrote: > On Fri, May 11, 2018 at 12:00:38PM +0200, Dmitry Vyukov wrote: >> On Mon, Apr 30, 2018 at 8:09 PM, syzbot >> wrote: >> > Hello, >> > >> > syzbot found the following

Re: INFO: rcu detected stall in kfree_skbmem

On Mon, May 14, 2018 at 9:34 PM, Neil Horman wrote: > On Fri, May 11, 2018 at 12:00:38PM +0200, Dmitry Vyukov wrote: >> On Mon, Apr 30, 2018 at 8:09 PM, syzbot >> wrote: >> > Hello, >> > >> > syzbot found the following crash on: >> > >> > HEAD commit:5d1365940a68 Merge >> >

Re: KASAN: use-after-free Read in sctp_do_sm

On Tue, May 8, 2018 at 9:58 PM, syzbot wrote: > Hello, > > syzbot found the following crash on: > > HEAD commit:f142f08bf7ec Fix typo in comment. > git tree: upstream > console output:

Re: KASAN: use-after-free Read in sctp_do_sm

On Tue, May 8, 2018 at 9:58 PM, syzbot wrote: > Hello, > > syzbot found the following crash on: > > HEAD commit:f142f08bf7ec Fix typo in comment. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=1159ade780 > kernel config:

Re: non-blocking connect for kernel SCTP sockets

On Wed, May 2, 2018 at 5:06 PM, Michal Kubecek wrote: > Hello, > > while investigating a bug, we noticed that DLM tries to connect an SCTP > socket in non-blocking mode using > > result = sock->ops->connect(sock, (struct sockaddr *), addr_len, >

Re: non-blocking connect for kernel SCTP sockets

On Wed, May 2, 2018 at 5:06 PM, Michal Kubecek wrote: > Hello, > > while investigating a bug, we noticed that DLM tries to connect an SCTP > socket in non-blocking mode using > > result = sock->ops->connect(sock, (struct sockaddr *), addr_len, >

Re: KASAN: slab-out-of-bounds Read in __sctp_v6_cmp_addr

On Mon, Apr 23, 2018 at 9:02 AM, syzbot wrote: > Hello, > > syzbot hit the following crash on upstream commit > 83beed7b2b26f232d782127792dd0cd4362fdc41 (Fri Apr 20 17:56:32 2018 +) > Merge branch 'fixes' of >

  1   2   3   >