Re: KASAN: use-after-free Write in bpf_tcp_close

From: John Fastabend
Date: Fri Jun 08 2018 - 12:03:19 EST

Next message: Suzuki K Poulose: "Re: [PATCH v2 5/5] arm64: perf: Add support for chaining event counters"
Previous message: Cyrill Gorcunov: "Re: [PATCH 0/2] fs/lock: show locks info owned by dead/invisible processes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/07/2018 09:58 AM, Dmitry Vyukov wrote:
> On Mon, May 28, 2018 at 12:15 AM, Daniel Borkmann <daniel@xxxxxxxxxxxxx> wrote:
>> [ +John ]
>>
>> On 05/27/2018 10:06 PM, syzbot wrote:
>>> Hello,
>>>
>>> syzbot found the following crash on:
>>>
>>> HEAD commit: ff4fb475cea8 Merge branch 'btf-uapi-cleanups'
>>> git tree: bpf-next
>>> console output: https://syzkaller.appspot.com/x/log.txt?x=12b3d577800000
>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b632d8e2c2ab2c1
>>> dashboard link: https://syzkaller.appspot.com/bug?extid=31025a5f3f7650081204
>>> compiler: gcc (GCC) 8.0.1 20180413 (experimental)
>>> syzkaller repro:https://syzkaller.appspot.com/x/repro.syz?x=109a2f37800000
>>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=171a727b800000
>>>
>>> IMPORTANT: if you fix the bug, please add the following tag to the commit:
>>> Reported-by: syzbot+31025a5f3f7650081204@xxxxxxxxxxxxxxxxxxxxxxxxx
>>
>> Should be fixed by: https://patchwork.ozlabs.org/patch/920695/
>
> #syz fix: bpf: sockhash fix race with bpf_tcp_close and map delete
>

Same here 'bpf: sockhash fix race with bpf_tcp_close and map delete"
was dropped and a new fix will be posted shortly.

Thanks!
John

Next message: Suzuki K Poulose: "Re: [PATCH v2 5/5] arm64: perf: Add support for chaining event counters"
Previous message: Cyrill Gorcunov: "Re: [PATCH 0/2] fs/lock: show locks info owned by dead/invisible processes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]