Re: [PATCH] Fix KMSAN infoleak, initialize unused data in pskb_expand_head

From: Eric Dumazet
Date: Thu Oct 03 2024 - 03:56:28 EST


On Thu, Oct 3, 2024 at 6:42 AM Daniel Yang <danielyangkang@xxxxxxxxx> wrote:
>
> I took a look at https://www.spinics.net/lists/netdev/msg982652.html
> and am a little confused since the patch adds a check instead of
> initializing the memory segment.
> Is the general assumption that any packet with uninitialized memory is
> ill formed and we need to drop? Also is there any documentation for
> internal macros/function calls for BPF because I was trying to look
> and couldn't find any.

Callers wanting allocated memory to be cleared use __GFP_ZERO
If we were forcing __GFP_ZERO all the time, network performance would
be reduced by 30% at least.

You are working around the real bug, just to silence a useful warning.

As I explained earlier, the real bug is that some layers think the
ethernet header (14 bytes) is present in the packet.

Providing 14 zero bytes (instead of random bytes) would still be a bug.

The real fix is to drop malicious packets when they are too small, like a NIC.