Re: general protection fault in erspan_netlink_parms

From: Petr Machata
Date: Mon Mar 16 2020 - 13:00:50 EST


I've got this reproduced, it happens when IFLA_INFO_DATA is not passed,
so "ip link add type erspan". The problem is that the commit referenced
below doesn't check data != NULL in the ERSPAN branch. I'll send a fix
later today.

syzbot <syzbot+1b4ebf4dae4e510dd219@xxxxxxxxxxxxxxxxxxxxxxxxx> writes:

> syzbot has bisected this bug to:
>
> commit e1f8f78ffe9854308b9e12a73ebe4e909074fc33
> Author: Petr Machata <petrm@xxxxxxxxxxxx>
> Date: Fri Mar 13 11:39:36 2020 +0000
>
> net: ip_gre: Separate ERSPAN newlink / changelink callbacks
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=101477fde00000
> start commit: 0fda7600 geneve: move debug check after netdev unregister
> git tree: net
> final crash: https://syzkaller.appspot.com/x/report.txt?x=121477fde00000
> console output: https://syzkaller.appspot.com/x/log.txt?x=141477fde00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=c2e311dba9a02ba9
> dashboard link: https://syzkaller.appspot.com/bug?extid=1b4ebf4dae4e510dd219
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1627f955e00000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=111ac52de00000
>
> Reported-by: syzbot+1b4ebf4dae4e510dd219@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: e1f8f78ffe98 ("net: ip_gre: Separate ERSPAN newlink / changelink callbacks")
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
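A user-space model of the failure described in the reply above, added here as an illustration; it is not code from this thread or from the kernel source. All names (`attr`, `tunnel_parms`, `parse_guarded`, `model_newlink`) and the default values are hypothetical; `data` stands for the attribute table that is NULL when IFLA_INFO_DATA is not passed.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical attribute ids, standing in for the tunnel's netlink attributes. */
enum { ATTR_UNSPEC, ATTR_ERSPAN_VER, ATTR_ERSPAN_INDEX, ATTR_MAX };

struct attr { uint32_t value; };                 /* stand-in for struct nlattr */
struct tunnel_parms { uint8_t erspan_ver; uint32_t index; };

/* Unguarded shape: indexes data[] without asking whether a table was passed.
 * With data == NULL the first test below reads through a near-null pointer. */
static int parse_unguarded(struct attr *data[], struct tunnel_parms *t)
{
    if (data[ATTR_ERSPAN_VER])
        t->erspan_ver = (uint8_t)data[ATTR_ERSPAN_VER]->value;
    if (data[ATTR_ERSPAN_INDEX])
        t->index = data[ATTR_ERSPAN_INDEX]->value;
    return 0;
}

/* Guarded shape: no attribute table means nothing to override. */
static int parse_guarded(struct attr *data[], struct tunnel_parms *t)
{
    if (!data)
        return 0;
    return parse_unguarded(data, t);
}

/* Models the newlink path: set defaults (assumed values), then parse. */
int model_newlink(struct attr *data[], struct tunnel_parms *out)
{
    out->erspan_ver = 1;
    out->index = 0;
    return parse_guarded(data, out);
}

int main(void)
{
    struct tunnel_parms p;
    struct attr ver = { 2 }, idx = { 7 };
    struct attr *tbl[ATTR_MAX] = { NULL, &ver, &idx };

    if (model_newlink(NULL, &p) != 0 || p.erspan_ver != 1)
        return 1;                                /* data-less request must succeed */
    if (model_newlink(tbl, &p) != 0 || p.erspan_ver != 2 || p.index != 7)
        return 1;
    return 0;
}
```

Routing the NULL case through `parse_unguarded` directly is the crash path; building the model with `-fsanitize=address,undefined` makes that visible in user space.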