From: David Miller
Subject: Re: [PATCH net-next v3 00/16] l2tp: fix API races discovered by syzbot
Date: Mon, 12 Feb 2018 14:00:12 -0500 (EST)
Message-ID: <20180212.140012.2157785508291954542.davem@davemloft.net>
References: <1518456819-22244-1-git-send-email-jchapman@katalix.com>
In-Reply-To: <1518456819-22244-1-git-send-email-jchapman@katalix.com>
To: jchapman@katalix.com
Cc: netdev@vger.kernel.org

From: James Chapman
Date: Mon, 12 Feb 2018 17:33:23 +0000

> This patch series addresses several races with L2TP APIs discovered by
> syzbot. While working on this, it became clear that the L2TP code
> needed some work to address object lifetime issues. There are no
> functional changes.
>
> The set of patches 1-13 in combination fix the following syzbot reports.
>
> 9df43faf0 KASAN: use-after-free Read in pppol2tp_connect
> 6e6a5ec8d general protection fault in pppol2tp_connect
> 347bd5acd KASAN: use-after-free Read in inet_shutdown
> 19c09769f WARNING in debug_print_object

Some symbol export issues:

ERROR: "l2tp_tunnel_free" [net/l2tp/l2tp_ppp.ko] undefined!
ERROR: "l2tp_tunnel_free" [net/l2tp/l2tp_netlink.ko] undefined!
make[1]: *** [scripts/Makefile.modpost:92: __modpost] Error 1

Also, this series is also a hodge-podge of bug fixes that really belong
in 'net' alongside cleanups and refactoring that belong in 'net-next'.

Can you please pull out the genuine bug fixes into a smaller series
targeting 'net' and then after you fix the symbol export issues we
can build on top of that in net-next with the cleanups and refactoring.

Thank you.