From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=lxM9=RP=vger.kernel.org=stable-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.5 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS,
	USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 48AB3C43381
	for <stable@archiver.kernel.org>; Tue, 12 Mar 2019 21:01:06 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 11326214AE
	for <stable@archiver.kernel.org>; Tue, 12 Mar 2019 21:01:06 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=default; t=1552424466;
	bh=SCe+EdX89qVSic7fVl6nO8iYn/eE9I+/j0RGph2FHok=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:List-ID:From;
	b=wiJvmr4+9JL654yf5OgHvwY3Y8ghARGz9q93Z7HnMK9R2h3v5rR34KBYeqiYOBnyU
	 R3FRJR2ViDj55QgElfvM0QXD8nkM5tCV1k7S7CeizV4lRS2WahVLUgubIXSQoENrOj
	 0Tv68jeNni/IBG72VD+6DR/vdoZWkKTKp2w25jYU=
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726411AbfCLVBF (ORCPT <rfc822;stable@archiver.kernel.org>);
        Tue, 12 Mar 2019 17:01:05 -0400
Received: from mail.kernel.org ([198.145.29.99]:59704 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726141AbfCLVBF (ORCPT <rfc822;stable@vger.kernel.org>);
        Tue, 12 Mar 2019 17:01:05 -0400
Received: from localhost (unknown [104.133.8.98])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 9DDE22173C;
        Tue, 12 Mar 2019 21:01:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1552424464;
        bh=SCe+EdX89qVSic7fVl6nO8iYn/eE9I+/j0RGph2FHok=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=tn22wWpzGhNha3RDEfneoNLGSQf12x3vidnjBXcSDfH8vvbmIpHKtLsYM7pU2wSrN
         jF3TuDqGiL4DIl6/KrfGkW/Mw20pm6kVTwDCRgIbPp6NSMu4gh7cEw2Zth40CD3y1D
         vogQTMIBA7DIPI25oVf3ZwoctJsEtdIGt4hDpyGw=
Date:   Tue, 12 Mar 2019 14:01:04 -0700
From:   Greg KH <gregkh@linuxfoundation.org>
To:     Zubin Mithra <zsm@chromium.org>
Cc:     stable@vger.kernel.org, groeck@chromium.org, chamaken@gmail.com,
        pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de,
        davem@davemloft.net
Subject: Re: eb075954e9fd ("netfilter: nfnetlink_log: just returns error for
 unknown command")
Message-ID: <20190312210104.GB9552@kroah.com>
References: <20190312202838.GA107600@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190312202838.GA107600@google.com>
User-Agent: Mutt/1.11.3 (2019-02-01)
Sender: stable-owner@vger.kernel.org
Precedence: bulk
List-ID: <stable.vger.kernel.org>
X-Mailing-List: stable@vger.kernel.org

On Tue, Mar 12, 2019 at 01:28:40PM -0700, Zubin Mithra wrote:
> Hello,
> 
> Syzkaller has triggered a GPF when fuzzing a 4.4 kernel with the following stacktrace.
> Call Trace:
>  [<ffffffff811f5b95>] lock_acquire+0x155/0x450 kernel/locking/lockdep.c:3592
>  [<ffffffff82a15eaf>] __raw_spin_lock_bh include/linux/spinlock_api_smp.h:137 [inline]
>  [<ffffffff82a15eaf>] _raw_spin_lock_bh+0x3f/0x50 kernel/locking/spinlock.c:175
>  [<ffffffff823acc92>] spin_lock_bh include/linux/spinlock.h:307 [inline]
>  [<ffffffff823acc92>] nfulnl_set_mode net/netfilter/nfnetlink_log.c:250 [inline]
>  [<ffffffff823acc92>] nfulnl_recv_config+0x612/0x1440 net/netfilter/nfnetlink_log.c:909
>  [<ffffffff8239ce39>] nfnetlink_rcv_msg+0xa59/0xbc0 net/netfilter/nfnetlink.c:215
>  [<ffffffff8238c249>] netlink_rcv_skb+0x149/0x380 net/netlink/af_netlink.c:2349
>  [<ffffffff8239b2ac>] nfnetlink_rcv+0x2ac/0x1190 net/netfilter/nfnetlink.c:479
>  [<ffffffff8238adee>] netlink_unicast_kernel net/netlink/af_netlink.c:1267 [inline]
>  [<ffffffff8238adee>] netlink_unicast+0x51e/0x760 net/netlink/af_netlink.c:1293
>  [<ffffffff8238b8f5>] netlink_sendmsg+0x8c5/0xc20 net/netlink/af_netlink.c:1847
>  [<ffffffff821fcb2f>] sock_sendmsg_nosec net/socket.c:625 [inline]
>  [<ffffffff821fcb2f>] sock_sendmsg+0xcf/0x110 net/socket.c:635
>  [<ffffffff821fe7a3>] ___sys_sendmsg+0x733/0x840 net/socket.c:1962
>  [<ffffffff822007f0>] __sys_sendmsg+0xd0/0x180 net/socket.c:1996
>  [<ffffffff822008d2>] SYSC_sendmsg net/socket.c:2007 [inline]
>  [<ffffffff822008d2>] SyS_sendmsg+0x32/0x50 net/socket.c:2003
>  [<ffffffff82a16b1b>] entry_SYSCALL_64_fastpath+0x18/0x94
> Code: c7 44 18 10 00 00 00 00 48 8d 65 d8 44 89 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 c6 36 00 00 49 81 3e 20 ea 88 83 41 ba 00 00 
> RIP  [<ffffffff811ef8ed>] __lock_acquire+0x5bd/0x4eb0 kernel/locking/lockdep.c:3092
> 
> Could the following patch be applied to v4.4.y? This patch is present in v4.9.y.
> * eb075954e9fd ("netfilter: nfnetlink_log: just returns error for unknown command")
> 
> Tests run:
> * Chrome OS tryjobs
> * Syzkaller reproducer

Now applied, thanks.

greg k-h