From: linuxtestproject.agent@gmail.com
To: Andrea Cervesato <andrea.cervesato@suse.de>
Cc: ltp@lists.linux.it
Subject: Re: [LTP] sockets/xfrm02: Add ESP-in-TCP page cache corruption test
Date: Wed, 13 May 2026 16:29:25 +0000 [thread overview]
Message-ID: <20260513162925.4072-1-linuxtestproject.agent@gmail.com> (raw)
In-Reply-To: <20260513-fragnesia-v2-1-07a822c66cbd@suse.com>
Hi Andrea,
On Wed, 13 May 2026 17:35:03 +0200, Andrea Cervesato wrote:
> sockets/xfrm02: Add ESP-in-TCP page cache corruption test
> + SAFE_POSIX_FADVISE(cli_fd, 0, 0, POSIX_FADV_DONTNEED);
posix_fadvise(2) is only valid for regular files; on a socket fd it
returns ESPIPE, causing SAFE_POSIX_FADVISE to call tst_brk(TBROK) in
the child and the test never actually exercises the corruption path.
Replace with SAFE_POSIX_FADVISE(file_fd, 0, DATA_SIZE, POSIX_FADV_DONTNEED).
> + /* Let the espintcp strparser process buffered ESP data */
> + usleep(30000);
Sleep-based synchronization is not allowed (G2). Use poll() on acc_fd
waiting for POLLIN to detect when the strparser has consumed the data.
> + acc_fd = SAFE_ACCEPT(srv_fd, NULL, NULL);
> + SAFE_CLOSE(srv_fd);
srv_fd is not reset to -1 after close here; cleanup() will find
srv_fd != -1 and attempt a double-close, hitting TBROK on every run.
Add `srv_fd = -1;` after SAFE_CLOSE(srv_fd).
> +cve-2026-fragnesia xfrm02
Please confirm whether the fix for this CVE is in kernel 7.1 (current
stable). If not, this belongs in runtest/staging with a [STAGING]
prefix in the commit subject.
---
Note:
Our agent completed the review of the patch. The full review can be
found at: https://github.com/linux-test-project/ltp-agent/actions/runs/25811801064
The agent can sometimes produce false positives although often its
findings are genuine. If you find issues with the review, please
comment this email or ignore the suggestions.
Regards,
LTP AI Reviewer
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2026-05-13 16:29 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-13 15:35 [LTP] [PATCH v2] sockets/xfrm02: Add ESP-in-TCP page cache corruption test Andrea Cervesato
2026-05-13 16:29 ` linuxtestproject.agent [this message]
2026-05-13 16:42 ` [LTP] " Martin Doucha
2026-05-13 16:35 ` [LTP] [PATCH v2] " Martin Doucha
-- strict thread matches above, loose matches on Subject: below --
2026-05-13 17:46 [LTP] [PATCH v3] " Andrea Cervesato
2026-05-13 19:01 ` [LTP] " linuxtestproject.agent
2026-05-13 14:36 [LTP] [PATCH] " Andrea Cervesato
2026-05-13 16:27 ` [LTP] " linuxtestproject.agent
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260513162925.4072-1-linuxtestproject.agent@gmail.com \
--to=linuxtestproject.agent@gmail.com \
--cc=andrea.cervesato@suse.de \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox