Re: [PATCH net] Drop packets with invalid headers to prevent KMSAN infoleak

Yonghong Song <yonghong.song@xxxxxxxxx> · Sun, 27 Oct 2024 22:42:08 -0700

On 10/27/24 1:49 AM, Daniel Yang wrote:
On Tue, Oct 22, 2024 at 11:14 AM Martin KaFai Lau <martin.lau@xxxxxxxxx> wrote:
On 10/21/24 6:37 PM, Daniel Yang wrote:
A test in selftests/bpf is needed to reproduce and better understand this.
I don't know much about self tests but I've just been using the syzbot
repro and #syz test at the link in the patch:
https://syzkaller.appspot.com/bug?extid=346474e3bf0b26bd3090. Testing
the patch showed that the uninitialized memory was not getting written
to memory.

Only bpf_clone_redirect() is needed to reproduce or other bpf_skb_*() helpers calls
are needed to reproduce?
If only bpf_clone_redirect() is needed, it should be simple to write a selftest
to reproduce it. It also helps to catch future regression.

Please tag the next respin as "bpf" also.
I have a problem. I can't seem to build the bpf kselftests for some
reason. There is always a struct definition error:
In file included from progs/profiler1.c:5:
progs/profiler.inc.h:599:49: error: declaration of 'struct
syscall_trace_enter' will not be visible outside of t]
   599 | int tracepoint__syscalls__sys_enter_kill(struct
syscall_trace_enter* ctx)
       |                                                 ^
progs/profiler.inc.h:604:15: error: incomplete definition of type
'struct syscall_trace_enter'
   604 |         int pid = ctx->args[0];
       |                   ~~~^
progs/profiler.inc.h:599:49: note: forward declaration of 'struct
syscall_trace_enter'
   599 | int tracepoint__syscalls__sys_enter_kill(struct
syscall_trace_enter* ctx)
       |                                                 ^
progs/profiler.inc.h:605:15: error: incomplete definition of type
'struct syscall_trace_enter'
   605 |         int sig = ctx->args[1];
       |                   ~~~^
progs/profiler.inc.h:599:49: note: forward declaration of 'struct
syscall_trace_enter'
   599 | int tracepoint__syscalls__sys_enter_kill(struct
syscall_trace_enter* ctx)

I just run the following to build:
$ cd tools/testing/selftests/bpf/
$ make

It might be due to your .config file.
The 'struct syscall_trace_enter' is defined in kernel/trace/trace.h,
which is used in kernel/trace/trace_syscalls.c. Maybe your config
does not have CONFIG_FTRACE_SYSCALLS?

I can't find anyone else encountering the same error.