Re: [PATCH] net/ieee802154: reject zero-sized raw_sendmsg()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello.

On 04.10.22 00:29, Alexander Aring wrote:
Hi,

On Mon, Oct 3, 2022 at 8:35 AM Tetsuo Handa
<penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:

On 2022/10/03 21:30, patchwork-bot+netdevbpf@xxxxxxxxxx wrote:
Hello:

This patch was applied to netdev/net.git (master)
by David S. Miller <davem@xxxxxxxxxxxxx>:

On Sun, 2 Oct 2022 01:43:44 +0900 you wrote:
syzbot is hitting skb_assert_len() warning at raw_sendmsg() for ieee802154
socket. What commit dc633700f00f726e ("net/af_packet: check len when
min_header_len equals to 0") does also applies to ieee802154 socket.

Link: https://syzkaller.appspot.com/bug?extid=5ea725c25d06fb9114c4
Reported-by: syzbot <syzbot+5ea725c25d06fb9114c4@xxxxxxxxxxxxxxxxxxxxxxxxx>
Fixes: fd1894224407c484 ("bpf: Don't redirect packets with invalid pkt_len")
Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>

[...]

Here is the summary with links:
   - net/ieee802154: reject zero-sized raw_sendmsg()
     https://git.kernel.org/netdev/net/c/3a4d061c699b


Are you sure that returning -EINVAL is OK?

In v2 patch, I changed to return 0, for PF_IEEE802154 socket's zero-sized
raw_sendmsg() request was able to return 0.

I currently try to get access to kernel.org wpan repositories and try
to rebase/apply your v2 on it.

This will only work once I merged net into wpan. Which I normally do only after a pull request to avoid merge requests being created.

We have two options here a) reverting this patch and applying v2 of it b) Tetsu sending an incremental patch on top of the applied one to come to the same state as after v2.


Then it should be fixed in the next
pull request to net. For netdev maintainers, please don't apply wpan
patches. Stefan and I will care about it.

Keep in mind that Dave and Jakub do this to help us out because we are sometimes slow on applying patches and getting them to net. Normally this is all fine for clear fixes.

For -next material I agree this should only go through the wpan-next tree for us to coordinate, but for the occasional fix its often faster if it hits net directly. Normally I don't mind that. In this case v2 was overlooked. But this is easily rectified with either of the two options mentioned above.

regards
Stefan Schmidt



[Index of Archives]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux