Date: Thu, 28 Jul 2022 08:52:26 +0200
From: Greg KH
To: Dipanjan Das
Cc: dhowells@redhat.com, sashal@kernel.org, fmdefrancesco@gmail.com, edumazet@google.com, linux-kernel@vger.kernel.org, syzkaller@googlegroups.com, fleischermarius@googlemail.com, its.priyanka.bose@gmail.com
Subject: Re: KASAN: use-after-free Read in post_one_notification
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jul 27, 2022 at 02:28:45PM -0700, Dipanjan Das wrote:
> Hi,
>
> We would like to report the following bug which has been found by our
> modified version of syzkaller.
>
> ======================================================
> description: KASAN: use-after-free Read in post_one_notification
> affected file: kernel/watch_queue.c
> kernel version: 5.10.131
> kernel commit: 8f95261a006489c828f1d909355669875649668b
> git tree: upstream
> kernel config: https://syzkaller.appspot.com/x/.config?x=e49433cfed49b7d9
> crash reproducer: attached
> patch: This bug was previously reported by syzkaller for kernel
> version 5.17. The same patch works for kernel version 5.10 as well,
> i.e., we tested that the repro can no longer trigger the reported
> crash with this patch:
> https://syzkaller.appspot.com/text?tag=Patch&x=13b8c83c080000

I'm sorry, I do not understand. So this is fixed in Linus's tree? But
not in 5.10.y? Or it is not fixed everywhere?

If it is fixed, what is the git commit id of the patch in Linus's tree
that fixes this that should be backported to 5.10.y?

confused,

greg k-h