On Tue, Dec 04, 2018 at 09:40:35AM -0800, Eric Dumazet wrote:
> kmsan was able to trigger a kernel-infoleak using a gre device [1]
>
> nlmsg_populate_fdb_fill() has a hard coded assumption
> that dev->addr_len is ETH_ALEN, as normally guaranteed
> for ARPHRD_ETHER devices.
>
> A similar issue was fixed recently in commit da71577545a5
> ("rtnetlink: Disallow FDB configuration for non-Ethernet device")
...
> Fixes: d83b06036048 ("net: add fdb generic dump routine")
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Cc: John Fastabend <john.fastab...@gmail.com>
> Cc: Ido Schimmel <ido...@mellanox.com>
> Cc: David Ahern <dsah...@gmail.com>
Reviewed-by: Ido Schimmel <ido...@mellanox.com>
Thanks!
