Received: by 2002:ab2:620c:0:b0:1ef:ffd0:ce49 with SMTP id o12csp1530785lqt; Wed, 20 Mar 2024 06:55:11 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVz4BqLGXiu/9YsOovf4ERPMAWPw0NZMkSxuIr1q3dOZItqtkik5IcvufCskdZh5YOUNSnjxHBFbdKtrwc4g3/WKVp7WF0TU0J5glYwLA== X-Google-Smtp-Source: AGHT+IExkpdzOMFkIeqUf1KoB5nioDMq/T8emhOL59nsr/4Tfcilj4/euPj6OO1f+Nj4aXW+zo0q X-Received: by 2002:a17:90a:c205:b0:2a0:1f2:e3ca with SMTP id e5-20020a17090ac20500b002a001f2e3camr1365572pjt.36.1710942910760; Wed, 20 Mar 2024 06:55:10 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710942910; cv=pass; d=google.com; s=arc-20160816; b=QCjirvUEGLn3NOyzdTW/4ohKMJkq+cU5q2uuC4ldiA7JotiTnr9jT9+lfAMasbWt1u m4cg+tirb5ChfCwxHqsRz6RYvtbFxXFlIPIJ3OC7Jw1DDkA/Vt7cQoQmXR6Ou+bgvFOT ZUBHaVJhsZxD2guQZrkknw1bE3BIQVFzqc81+7Bg7IyyHYf6KzEXr3QTR0PGnrfvS5am /SOGBl+beSkQf5M9qE7aOQKITmNuBY1YYr3MF1ckGYE67mV79UJlyx+fRXTyF/2gFXBa +mRUp9VwMrMOH7F6WKHUlWvTgttZXqLU2fGMvg4vqN4Qgfm0KeBUuJy2Vh4RkL7cQNC3 a4WQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=etnN6SZNp2ppKiE78svR6WauCS8nWrn17DdW65QvDEA=; fh=mn1TkRz8lOv4pmz+oeG+Hwm8U5PuBEHslKAWvj7rZDA=; b=RjiIUMblk9ERpJDp96H8kHZTV4S/9+2IMTzBUS4DKAS9vqWIBmwfCg3cZPCg1YscIt r8X6F4OSojX4me+va1+a4JMg29fFI5xrWlSH3TJFr+punyDISkIEV4qr2iN07iEFBv5S f73bHRhx4YPbdOyUSl3bj/JLBegUqy4ZudZdPVWfyvIWP9/He2+G4vEGj7OyywMsRw0w h4YWeYQ2MrNwaVjxrQlnh2ClZX9ghew4b7HxW30Qx8NTp64LddWUOugYDG0vc5ej92tA PD5ijL0HKJDTH2bsSP+0swoX3KFGu6a7fwvqJtPBhdgjdVeRvySUlEluQBBvK4gVzGXy t6CA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@resnulli-us.20230601.gappssmtp.com header.s=20230601 header.b=154gHE8q; arc=pass (i=1 dkim=pass dkdomain=resnulli-us.20230601.gappssmtp.com); spf=pass (google.com: domain of linux-kernel+bounces-108976-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108976-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id kk17-20020a17090b4a1100b002a00d3d9394si477009pjb.61.2024.03.20.06.55.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Mar 2024 06:55:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-108976-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@resnulli-us.20230601.gappssmtp.com header.s=20230601 header.b=154gHE8q; arc=pass (i=1 dkim=pass dkdomain=resnulli-us.20230601.gappssmtp.com); spf=pass (google.com: domain of linux-kernel+bounces-108976-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108976-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 6BE48286BD0 for ; Wed, 20 Mar 2024 13:55:10 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5A93B446AE; Wed, 20 Mar 2024 13:55:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=resnulli-us.20230601.gappssmtp.com header.i=@resnulli-us.20230601.gappssmtp.com header.b="154gHE8q" Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com [209.85.128.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D3D1229CFD for ; Wed, 20 Mar 2024 13:55:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.45 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710942902; cv=none; b=scp8JVGC9JAwq0qDPbq8MCRWXWuTX8ZF2QIagNiyznNH/8d+X5oXHMLHEf6boYi4rXOBPwickkZZJnzp0uFfO0m/E9WhPPwO43Lx5cSYMtBxIUTIbMCTilpFFyka5yTiYlM3qgl/JTpYldgN1NhCPcCUmmt4VJJomHqjR4nSy/w= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710942902; c=relaxed/simple; bh=r4Ox4Fkb6OTqvzf3uywc2+X20ucxQSfPB6rzlahv6SI=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=C1DOxi/UwMgxeK/HrtV68EEV6LRVl5fTOtN8R4hHYU6UUxtadYfxY71SRlG26/RQvQRbwcFPkMIe4DmZ0ws/iIRK50ytENcIoiYaATNwRj4UUvYMQYe3UncBZeV70u1Ff/YRBz+1V24zBJm5h8SuOuGUtP67uSn4i9VgYccx3Z4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=resnulli.us; spf=none smtp.mailfrom=resnulli.us; dkim=pass (2048-bit key) header.d=resnulli-us.20230601.gappssmtp.com header.i=@resnulli-us.20230601.gappssmtp.com header.b=154gHE8q; arc=none smtp.client-ip=209.85.128.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=resnulli.us Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=resnulli.us Received: by mail-wm1-f45.google.com with SMTP id 5b1f17b1804b1-41464711dc8so15541205e9.1 for ; Wed, 20 Mar 2024 06:55:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=resnulli-us.20230601.gappssmtp.com; s=20230601; t=1710942899; x=1711547699; darn=vger.kernel.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=etnN6SZNp2ppKiE78svR6WauCS8nWrn17DdW65QvDEA=; b=154gHE8qy7yOZCJJ1Xt/LeHIcIGT/hYh7JqT7waAlJKMVXBMbUbFpS7WJEUCUjy8jP xjNnQ7fizKDe/MvKfylyQ/dRZHF3d+k7jWRzxpSrTbmrjMnWmvo41vC+e93HLfLTqUNS fOGCoFpYCeFN63zrAwiBE/EsMNyrGO6XkkldNtyvzXXUoAlqdDVkUk1XqUskCfNAVNqv /jGIstUEvqSCgAlAuy8nPngV63TPslRtYTthqIaxlaIzW+26xBw+yp+RzOWAkwVTtqiz HLMEjGVzayyO9EYZ5nMc5myUTJoobuL1wNPoHcjN8NBp/T0Dm9/uRgMr5mPc/6037yHA K+5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710942899; x=1711547699; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=etnN6SZNp2ppKiE78svR6WauCS8nWrn17DdW65QvDEA=; b=jLgclFXcBEb+dnirdN8rxYY09zzTJQKnPhp07VgSX1syof6Imc9p3y9eDHsX7QfUZl OiSBd8DuRiUr4E70pNRccpn795WadlAze2GC8isGKCWsicRo1adlCRJPHhh4hlrYULgI B4M3SiLJlWoQFuqQA1w5JOrCgPQb/envSaEza53tWmpE90QQPx1EqrPL4n1+pw263BfJ Horb6DS8/CBe5KXU9ELorj+z1dyqhzTfIE16u3cUu403QfmCwt3Pxhln2kx5o7FtaULW wo3FXgVthT1K2ltNje9b1Nyy1oodC6wb8y6l9nRctZu1EbUFYMul6BA0Rtqn7Zl5xHVK cqRw== X-Forwarded-Encrypted: i=1; AJvYcCV/z9ytMumbOPQHgcp7H8FU43H1rbHi2CCHpOMWAxzzCrD46rVDZjDRuoZt1gUYBdrX3yoKE1Q/7oJXpYq/IcqOopQaV9fT75GBbRnP X-Gm-Message-State: AOJu0YwLNSY8AN1grg97VB8gupgYjNmRdNgQYQGkIIea4JFkhirZdvZ/ j+69jPAxnFKpRMU4laCYJkIT7yuuZCztnkCHIykbu0DXrA+ft1PEholaf33qogM= X-Received: by 2002:a05:600c:3106:b0:414:846:4469 with SMTP id g6-20020a05600c310600b0041408464469mr1779197wmo.38.1710942899121; Wed, 20 Mar 2024 06:54:59 -0700 (PDT) Received: from localhost ([86.61.181.4]) by smtp.gmail.com with ESMTPSA id t17-20020a05600c199100b004146e58cc32sm1397539wmq.12.2024.03.20.06.54.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Mar 2024 06:54:58 -0700 (PDT) Date: Wed, 20 Mar 2024 14:54:57 +0100 From: Jiri Pirko To: Eric Dumazet Cc: Anastasia Belova , "David S. Miller" , Jakub Kicinski , netdev@vger.kernel.org, linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org Subject: Re: [PATCH] flow_dissector: prevent NULL pointer dereference in __skb_flow_dissect Message-ID: References: <20240320125635.1444-1-abelova@astralinux.ru> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Wed, Mar 20, 2024 at 02:43:22PM CET, edumazet@google.com wrote: >On Wed, Mar 20, 2024 at 2:38 PM Jiri Pirko wrote: >> >> Wed, Mar 20, 2024 at 01:56:35PM CET, abelova@astralinux.ru wrote: >> >skb is an optional parameter, so it may be NULL. >> >Add check defore dereference in eth_hdr. >> > >> >Found by Linux Verification Center (linuxtesting.org) with SVACE. >> >> Either drop this line which provides no value, or attach a link to the >> actual report. >> >> >> > >> >Fixes: 67a900cc0436 ("flow_dissector: introduce support for Ethernet addresses") >> >> This looks incorrect. I believe that this is the offending commit: >> commit 690e36e726d00d2528bc569809048adf61550d80 >> Author: David S. Miller >> Date: Sat Aug 23 12:13:41 2014 -0700 >> >> net: Allow raw buffers to be passed into the flow dissector. >> >> >> >> >Signed-off-by: Anastasia Belova >> >--- >> > net/core/flow_dissector.c | 2 +- >> > 1 file changed, 1 insertion(+), 1 deletion(-) >> > >> >diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c >> >index 272f09251343..05db3a8aa771 100644 >> >--- a/net/core/flow_dissector.c >> >+++ b/net/core/flow_dissector.c >> >@@ -1137,7 +1137,7 @@ bool __skb_flow_dissect(const struct net *net, >> > rcu_read_unlock(); >> > } >> > >> >- if (dissector_uses_key(flow_dissector, >> >+ if (skb && dissector_uses_key(flow_dissector, >> > FLOW_DISSECTOR_KEY_ETH_ADDRS)) { >> > struct ethhdr *eth = eth_hdr(skb); >> > struct flow_dissector_key_eth_addrs *key_eth_addrs; >> >> Looks like FLOW_DISSECT_RET_OUT_BAD should be returned in case the >> FLOW_DISSECTOR_KEY_ETH_ADDRS are selected and there is no skb, no? >> > >It would be nice knowing in which context we could have a NULL skb and >FLOW_DISSECTOR_KEY_ETH_ADDRS >at the same time. > >It seems this fix is based on some kind of static analysis, but no real bug. Yeah, I agree. That's the main reason I asked for the link to the report.