Re: [PATCH net] Drop packets with invalid headers to prevent KMSAN infoleak

From: Daniel Yang
Date: Tue Oct 29 2024 - 17:36:02 EST

Next message: Nabil S. Alramli: "[PATCH 6.1.y v2] cpufreq: amd-pstate: Enable CPU boost in passive and guided modes"
Previous message: Easwar Hariharan: "Re: [PATCH v2 1/2] jiffies: Define secs_to_jiffies()"
In reply to: Alexander Lobakin: "Re: [PATCH net] Drop packets with invalid headers to prevent KMSAN infoleak"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 29, 2024 at 9:41 AM Alexander Lobakin
<aleksander.lobakin@xxxxxxxxx> wrote:
> > + if (unlikely(skb->len < dev->min_header_len ||
> > + skb_mac_header_len(skb) < dev->min_header_len ||
> > + skb_mac_header_len(skb) > dev->hard_header_len)) {
> > + kfree_skb(skb);
> > + return -ERANGE;
> > + }
>
> I believe this should go under IS_ENABLED(CONFIG_KMSAN) or
> CONFIG_DEBUG_NET or so to not affect the regular configurations.
> Or does this fix some real bug?

Well in my opinion, an infoleak is still an infoleak. But, this would
likely not get triggered as long as an skb with a properly initialized
eth header is passed into the bpf_clone_redirect function. We could
initialize the memory to 0 but the performance hit would be too much.
If the bpf_clone_redirect() function cannot be called from user space
with user-crafted skbs as input, I don't think this is really an issue
and we can just put it under the macros to get rid of the syzbot
error.

- Daniel

Next message: Nabil S. Alramli: "[PATCH 6.1.y v2] cpufreq: amd-pstate: Enable CPU boost in passive and guided modes"
Previous message: Easwar Hariharan: "Re: [PATCH v2 1/2] jiffies: Define secs_to_jiffies()"
In reply to: Alexander Lobakin: "Re: [PATCH net] Drop packets with invalid headers to prevent KMSAN infoleak"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]