Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp4871856ybi; Tue, 30 Jul 2019 09:34:45 -0700 (PDT) X-Google-Smtp-Source: APXvYqwB3e0ZwQwETMTgvaE+Vg9AP7x55VyuXSfTiI30MyeupFh6HeTmfxP0fBaB6EL9BwuFsU+4 X-Received: by 2002:a63:121b:: with SMTP id h27mr94522038pgl.335.1564504485372; Tue, 30 Jul 2019 09:34:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564504485; cv=none; d=google.com; s=arc-20160816; b=JWATuZuhjZWsqQh0ZS6K3pb9x0vFyTMVQ4WsAJlixxDeiJsYmn9X6JB/aIfoCr+Hxg tBs+S/lWRpwMLHhSUCiOZKDpx2QsvzaC5MOSfr4/l8U0lSRR5W0zad09cG+04i3vQ9qF n0SN4PpNrYkjDbF3ZhzFcOLpyCDj8t+w08DAY1X5Dp2Tr+YaCApcfpRdzaMA+5/p32yL YkVgOLRaikKdvpnjpgu6h74c4xqK+5b4HLvREw/qcTWDERFvL2TDKVQHLIc9cEol3Urm i60+8z3XQ4PIekrcj6aYV3NHtwj0yRmijvBHinb+o6KHxt1tTd7fRzy6cikXs8u+RQoc Calw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=VxDw0/AhSqBc+UFZUyCqEn82uv1wGE11yVcaX4Q0n6o=; b=Kjw8T1dyu1gE56jjZGE6NcdeZzTJf4rcaENqnPiSNESn2pexUSMsCBJ5IaYYXGugwz OTKw8qgiWKksjBav9K2Juv8oKuddddtFUmN26wVGJ9Hy98T29nNrg8OeTAqjLtoZTcW7 C8FkI3HLm45dK6HuY08IV6iV74U5pBl9atfA9A5XCCRmpQn9E3C78qfbtNEi/om8+9GN WqP7dia7QKbhTvHhHTfxdn3EmdPIFIqEFHE/70M7R5ETYmpAlydp09hakNQib547sNXz spXLAFPYEmZo24cq712N/crKlkPIcOnBXA5HhSLBTxlsUadNY5ztZO7cYUKr1HxxoVth O0SA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=dyrBL+wP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c127si34658689pga.569.2019.07.30.09.34.29; Tue, 30 Jul 2019 09:34:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=dyrBL+wP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730965AbfG3OUP (ORCPT + 99 others); Tue, 30 Jul 2019 10:20:15 -0400 Received: from mail-pf1-f194.google.com ([209.85.210.194]:42116 "EHLO mail-pf1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726225AbfG3OUP (ORCPT ); Tue, 30 Jul 2019 10:20:15 -0400 Received: by mail-pf1-f194.google.com with SMTP id q10so29910324pff.9 for ; Tue, 30 Jul 2019 07:20:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=VxDw0/AhSqBc+UFZUyCqEn82uv1wGE11yVcaX4Q0n6o=; b=dyrBL+wPYhegsmZBAGBP2FqAXypY3hXlWpWfsF+mgCyBUA0/oMiPQvycFXN3A1WD6J +p+u3fsrMWUaxUiUcxPnAs5SCfDBt+ULGVIV6tyT2heZPE/D/ZSTK7yWZ1liHqzaBCeI GqOCLj9pi0x6QeBwfFWNB98qCgd+OKBwTzrNBkt4M4H7/CKhRQN0o2AAMiBz01SL2OgA JggS6g7grF/FxS9rPQmJSJdGrkcVDLjHDHfgRkq3gUZGpR8l9ZQIsECyJBV9LVbSQyQs dljp8qX7VRXub5gq5qdPbxIxvuvHMDhuSsQZUy0ci+TpaaLJ+55tcy03sueidlVCczJi Iv7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VxDw0/AhSqBc+UFZUyCqEn82uv1wGE11yVcaX4Q0n6o=; b=VDPeKy47xcWwHstzN2vgtuXSGOtEUHDFG2SKTJFMCmeet1o4iI39nwDKdWZ4he0Hk5 7oBQ+qfmFhTX7qMpHtdzVY/knXoeRN22Z+g5GbN3iyjFg/r2TIl+p7aszOVP8SNcULuK qPm2uNssHvX6RHSZ2NlnEGtZik6zT3RwSstVz6umuOlyzjUCVb4th0ed0f61b6j8vkpG hWxlJrng5eiZJbKuamBdZNZXD5eZMlSNqEA78GXGaThCsMA836iVdc1I2+tslq+pyW0d eYZ4L2+BACe2bsORUd4XNOdoTM8TMA2E4zCbrBIEOiYguIdyRw74BZfmwVWnwjYbv9Dr ydpw== X-Gm-Message-State: APjAAAVTSVs5vFu4PA/hoW2GWwrfsW0DEx3JbwbBFePMxSL444kNm7XR gX7hHpfRQi8HlFOr+KrcAWcMZBYOgLISeJDQeTy/MA== X-Received: by 2002:a17:90a:a116:: with SMTP id s22mr116488183pjp.47.1564496413927; Tue, 30 Jul 2019 07:20:13 -0700 (PDT) MIME-Version: 1.0 References: <00000000000014c877058ee2c4a6@google.com> In-Reply-To: From: Andrey Konovalov Date: Tue, 30 Jul 2019 16:20:02 +0200 Message-ID: Subject: Re: KMSAN: kernel-usb-infoleak in pcan_usb_pro_send_req To: Alan Stern Cc: syzbot , Alexander Potapenko , Greg Kroah-Hartman , "Gustavo A. R. Silva" , Kernel development list , USB list , syzkaller-bugs Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jul 30, 2019 at 4:17 PM Alan Stern wrote: > > On Tue, 30 Jul 2019, syzbot wrote: > > > Hello, > > > > syzbot found the following crash on: > > > > HEAD commit: 41550654 [UPSTREAM] KVM: x86: degrade WARN to pr_warn_rate.. > > git tree: kmsan > > console output: https://syzkaller.appspot.com/x/log.txt?x=13e95183a00000 > > kernel config: https://syzkaller.appspot.com/x/.config?x=40511ad0c5945201 > > dashboard link: https://syzkaller.appspot.com/bug?extid=513e4d0985298538bf9b > > compiler: clang version 9.0.0 (/home/glider/llvm/clang > > 80fee25776c2fb61e74c1ecb1a523375c2500b69) > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17eafa1ba00000 > > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17b87983a00000 > > > > IMPORTANT: if you fix the bug, please add the following tag to the commit: > > Reported-by: syzbot+513e4d0985298538bf9b@syzkaller.appspotmail.com > > > > usb 1-1: config 0 has no interface number 0 > > usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, > > bcdDevice=8b.53 > > usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 > > usb 1-1: config 0 descriptor?? > > peak_usb 1-1:0.146: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels) > > ================================================================== > > BUG: KMSAN: kernel-usb-infoleak in usb_submit_urb+0x7ef/0x1f50 > > drivers/usb/core/urb.c:405 > > What does "kernel-usb-infoleak" mean? That means that the kernel put some uninitialized data into a request that was sent to a USB device. > > Alan Stern >