From: Alexander Potapenko
Date: Thu, 16 May 2019 15:19:48 +0200
Subject: Re: KMSAN: uninit-value in tomoyo_check_inet_address
To: Tetsuo Handa
Cc: syzbot, James Morris, LKML, linux-security-module, "Serge E. Hallyn", syzkaller-bugs, takedakn@nttdata.co.jp

From: Tetsuo Handa
Date: Thu, May 16, 2019 at 3:13 PM
To: syzbot

> On 2019/05/16 21:58, syzbot wrote:
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:    3b955a40 usb-fuzzer: main usb gadget fuzzer driver
> > git tree:       kmsan
> > console output: https://syzkaller.appspot.com/x/log.txt?x=1027e608a00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=602468164ccdc30a
> > dashboard link: https://syzkaller.appspot.com/bug?extid=1018d578c410f9f37261
> > compiler:       clang version 9.0.0 (/home/glider/llvm/clang 06d00afa61eef8f7f501ebdb4e8612ea43ec2d78)
> >
> > Unfortunately, I don't have any reproducer for this crash yet.
>
> This should be already fixed in linux.git.
>
> #syz fix: tomoyo: Check address length before reading address family
>
> commit e6193f78bb689f3f424559bb45f4a091c8b314df
> Author: Tetsuo Handa
> Date:   Fri Apr 12 19:59:36 2019 +0900
>
>     tomoyo: Check address length before reading address family
>
>     KMSAN will complain if valid address length passed to bind()/connect()/
>     sendmsg() is shorter than sizeof("struct sockaddr"->sa_family) bytes.
>
>     Signed-off-by: Tetsuo Handa
>     Signed-off-by: James Morris

Apparently the fix didn't make it to 5.1, I'll cherry-pick it to KMSAN tree.
OOC, how did you know about this bug?

-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Managing Directors: Paul Manicle, Halimah DeLaine Prado
Registration court and number: Hamburg, HRB 86891
Registered office: Hamburg
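
The rule stated in the quoted commit message, shown as an added userspace C example (not the kernel patch and not code from this thread): the address family is read only after the caller-supplied length is known to cover it, and the per-family fields only after the length covers that structure. The function name `classify_sockaddr` and the `ADDR_*` result codes are hypothetical.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical result codes for this example. */
enum addr_check { ADDR_TOO_SHORT = -1, ADDR_SKIP = 0, ADDR_INET = 4, ADDR_INET6 = 6 };

/* Classify a caller-supplied address of which only addr_len bytes are valid.
 * No byte past addr_len is read: sa_family is read only once addr_len covers
 * it, and the per-family struct only once addr_len covers that struct. */
enum addr_check classify_sockaddr(const void *buf, size_t addr_len,
                                  unsigned short *port)
{
    sa_family_t family;
    size_t off = offsetof(struct sockaddr, sa_family);

    if (addr_len < off + sizeof(family))
        return ADDR_TOO_SHORT;          /* family field not fully present */
    memcpy(&family, (const char *)buf + off, sizeof(family));

    if (family == AF_INET) {
        struct sockaddr_in in4;
        if (addr_len < sizeof(in4))
            return ADDR_SKIP;           /* family readable, address truncated */
        memcpy(&in4, buf, sizeof(in4));
        *port = ntohs(in4.sin_port);
        return ADDR_INET;
    }
    if (family == AF_INET6) {
        struct sockaddr_in6 in6;
        if (addr_len < sizeof(in6))
            return ADDR_SKIP;
        memcpy(&in6, buf, sizeof(in6));
        *port = ntohs(in6.sin6_port);
        return ADDR_INET6;
    }
    return ADDR_SKIP;                   /* other families are not inspected */
}

int main(void)
{
    /* Constructed sample: one valid AF_INET address, passed with three lengths. */
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(443) };
    unsigned short port = 0;
    int too_short = classify_sockaddr(&sa, 1, &port);
    int truncated = classify_sockaddr(&sa, 4, &port);
    int full = classify_sockaddr(&sa, sizeof(sa), &port);
    printf("1 byte: %d, 4 bytes: %d, full: %d (port %u)\n", too_short, truncated, full, port);
    return 0;
}
```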