From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH v2 net] fou, fou6: do not assume linear skbs
Date: Fri, 11 Jan 2019 15:39:08 +0100
Message-ID: <20190111153908.6ac4df34@redhat.com>
References: <20190111142735.234357-1-edumazet@google.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: "David S . Miller" <davem@davemloft.net>,
        netdev <netdev@vger.kernel.org>,
        Eric Dumazet <eric.dumazet@gmail.com>,
        syzbot <syzkaller@googlegroups.com>,
        Sabrina Dubroca <sd@queasysnail.net>
To: Eric Dumazet <edumazet@google.com>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:36158 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S2390593AbfAKOjQ (ORCPT <rfc822;netdev@vger.kernel.org>);
        Fri, 11 Jan 2019 09:39:16 -0500
In-Reply-To: <20190111142735.234357-1-edumazet@google.com>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On Fri, 11 Jan 2019 06:27:35 -0800
Eric Dumazet <edumazet@google.com> wrote:

> Both gue_err() and gue6_err() incorrectly assume
> linear skbs. Fix them to use pskb_may_pull().
> 
> BUG: KMSAN: uninit-value in gue6_err+0x475/0xc40 net/ipv6/fou6.c:101
> CPU: 0 PID: 18083 Comm: syz-executor1 Not tainted 5.0.0-rc1+ #7
>
> [...]
>
> Fixes: b8a51b38e4d4 ("fou, fou6: ICMP error handlers for FoU and GUE")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Reported-by: syzbot <syzkaller@googlegroups.com>
> Cc: Stefano Brivio <sbrivio@redhat.com>
> Cc: Sabrina Dubroca <sd@queasysnail.net>

Acked-by: Stefano Brivio <sbrivio@redhat.com>