Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp987954imm;
        Thu, 13 Sep 2018 10:46:53 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdbiOi2hHu0M0mz3ZOecYwTEtPZeTuShZyAf9I5fordkE7mPulnyU32rWBB4B3Uz43D6IBLE
X-Received: by 2002:a63:a012:: with SMTP id r18-v6mr2464585pge.166.1536860813396;
        Thu, 13 Sep 2018 10:46:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536860813; cv=none;
        d=google.com; s=arc-20160816;
        b=JuST2qnqQ2MOJ2KBKPXRlVksnPoU4mGxHLD4blLwbuDLokOAHZWvN9xeqZjlt/pvmZ
         CPMqd9rblSu52KZ5f0TJIlPSTXGvoyQsgTwxmzZCvKGiTrwB6OLMjNNQQpRlI8ZqOjQA
         Kit7/o0FBDTxlO5jKXIhzY9Xhov0wt2ziik2L925Sty9q6RLfJcDnb2WFm2/dNiZJJT9
         p8w9lnv4xSLrf7iN1AzrmMs+anGuS4EY9kj8XceZjFIAUQG/XOiXHGwMgND5kQ0KFs5s
         Kv/LAYiuA97rgvuvAHQo7SCgQROWALFAZOWkn2RfSLYfWkMMErCbS1URGWHwlpsB8oLA
         IYVQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature;
        bh=GZT/mWDmQ0lUKamsyGENfL+7LBls95gbKzwOeeFrUkA=;
        b=I3M8SAgzhixsLbQX5sSLqYYx6hJW+SqcdWUSEpD2to+3vSBv20/DiF1nPAkvOH3qIX
         +3W9w/jalQzOKEGUGZYX9f67TQa7khcyPUTO/KD7ZAFIwKP8uxbdhAZuhj2IZtqDrX++
         tEWY+akrodc7MJtWH7q1CMs0N/QWYK70Amky3pJY8AQjOXTOAQF4/O6psBdw72JdKdaQ
         O7/6Ui+N/d12aSyeMWcXpAqcBrHdnBCFF5jjc2C7gFOlpDIHiSXrZRL9L/vWyvitnVDM
         WYsAMbYbLYSReoEDFz2SzuNiuCSuX1kWWsTHRYmLfgFTi7l85eknlGEjWb+mZHjwA9wH
         p5vQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b="SpFG7r/e";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y28-v6si4731022pga.485.2018.09.13.10.46.08;
        Thu, 13 Sep 2018 10:46:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b="SpFG7r/e";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728065AbeIMWlq (ORCPT <rfc822;rajatbajpailinux@gmail.com>
        + 99 others); Thu, 13 Sep 2018 18:41:46 -0400
Received: from mail-pf1-f193.google.com ([209.85.210.193]:46963 "EHLO
        mail-pf1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727152AbeIMWlq (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Sep 2018 18:41:46 -0400
Received: by mail-pf1-f193.google.com with SMTP id u24-v6so2971690pfn.13;
        Thu, 13 Sep 2018 10:31:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=GZT/mWDmQ0lUKamsyGENfL+7LBls95gbKzwOeeFrUkA=;
        b=SpFG7r/eXUbKTvAxOpAyaapnuaRbU8rRXgnQQA74WxmFb8sOQ4E7MezRcsqAuUHZto
         /Asf5IphJFaZaCgZgXo6Pela/v2Ozqcrwf5Kxft2JJXkVjrKbxwqUFfuKFXUOCAtpWGD
         ErQtiWv6WCWZI7tFcLoUayJM4IMrUFj1Gdb2BZ1+BgwuhEa0rShf0/d63vLXn+nrWDV0
         9Yxf1YnmHN82mRtEVKmU/fR77swsxwu+b59FDZrlbyT8KzpkyypREQCSi0ZhEBwUrI7m
         BKSjac7okcSHsSdkeyS4afg5zYEbC+cuk4I1c90P4SEzurLnqiILW8US497p9mwUyku9
         nq+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=GZT/mWDmQ0lUKamsyGENfL+7LBls95gbKzwOeeFrUkA=;
        b=bYgHil6tSXoXiRCXkCMRSUrAE1gZEfxFVpB5shyvHRWt6sWquw4GHGgSyIFI/897PQ
         yzbcsddguNyynf2NgUDkwmbn3jnKygUz6diknCd0sSYKBQ4XDs+ao5VqVqQhbc4hhN0W
         m7qvGT0RLdsK2C17K9EwP1IwoKIIEb46dOwrkCrnfU8vtqCqWexo+hfPTmtwJme6WRfv
         pmzZcqzbmN1On3chZSGfJ9xx/oFMzLeIqgttf1JuAhGqpqChEHjQaetvA3S0jMt8KQ4p
         NJ4zvfy8dcfXAPFTI23qtXCo/TYqtg+Ia/70mMMc63VO0wRfWO2+atpDziYZOPRNLRrj
         YhcA==
X-Gm-Message-State: APzg51BoNjw73hgb+SdEJe3ydrZQDelSviXHmIs/idNJ2NaB1Pn+w4d5
        7gSyK+WHjigPVRCdjuSb2MU=
X-Received: by 2002:a62:3545:: with SMTP id c66-v6mr8332074pfa.63.1536859878236;
        Thu, 13 Sep 2018 10:31:18 -0700 (PDT)
Received: from ?IPv6:2620:15c:2c1:200:55c7:81e6:c7d8:94b? ([2620:15c:2c1:200:55c7:81e6:c7d8:94b])
        by smtp.gmail.com with ESMTPSA id i25-v6sm7967848pfi.150.2018.09.13.10.31.17
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 13 Sep 2018 10:31:17 -0700 (PDT)
Subject: Re: KMSAN: uninit-value in pppoe_rcv
To:     Guillaume Nault <g.nault@alphalink.fr>,
        Alexander Potapenko <glider@google.com>
Cc:     Eric Dumazet <eric.dumazet@gmail.com>,
        syzbot+f5f6080811c849739212@syzkaller.appspotmail.com,
        LKML <linux-kernel@vger.kernel.org>, mostrows@earthlink.net,
        Networking <netdev@vger.kernel.org>,
        syzkaller-bugs@googlegroups.com
References: <0000000000004624c30575a9fd40@google.com>
 <CAG_fn=Vk2HMPCLJV3aj1dt0KkDmksasBRRfKGnCTRHjvQ6OnQg@mail.gmail.com>
 <7424e094-afda-084a-ad80-299f219ced92@gmail.com>
 <CAG_fn=WXPsQBWR1GDsprY3aL4oW0v6EGhNB5wrvPJCOMh_U7wQ@mail.gmail.com>
 <20180913161929.GA1507@alphalink.fr> <20180913172344.GB1507@alphalink.fr>
From:   Eric Dumazet <eric.dumazet@gmail.com>
Message-ID: <9b41183c-34ea-33d3-a1bf-b0d283675af2@gmail.com>
Date:   Thu, 13 Sep 2018 10:31:16 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <20180913172344.GB1507@alphalink.fr>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 09/13/2018 10:23 AM, Guillaume Nault wrote:

> Nothing to change in tun.c. Just some more tests in pppoe.
> Can you try this patch? It only addresses this particular report, not
> the problems spotted by Eric.
> 
> -------- 8< --------
> diff --git a/drivers/net/ppp/pppoe.c b/drivers/net/ppp/pppoe.c
> index 5aa59f41bf8c..77241b584dff 100644
> --- a/drivers/net/ppp/pppoe.c
> +++ b/drivers/net/ppp/pppoe.c
> @@ -429,6 +429,9 @@ static int pppoe_rcv(struct sk_buff *skb, struct net_device *dev,
>  	if (!skb)
>  		goto out;
>  
> +	if (skb_mac_header_len(skb) < ETH_HLEN)
> +		goto drop;
> +
>  	if (!pskb_may_pull(skb, sizeof(struct pppoe_hdr)))
>  		goto drop;
>  
> 


Yeah this probably will help ;)