Re: BUG: unable to handle kernel paging request in __skb_flow_dissect

From: Hillf Danton
Date: Fri Jan 19 2024 - 08:03:36 EST


On Wed, 17 Jan 2024 15:32:28 +0800 Ubisectech Sirius <bugreport@xxxxxxxxxxxxxx>
> Hello.
> We are Ubisectech Sirius Team, the vulnerability lab of China ValiantSec.
> Recently, our team has discovered an issue in Linux kernel 6.7.0-g052d534373b7.
> Attached to the email was a POC file of the issue.
> Stack dump:
> [ 185.664167][ T8332] BUG: unable to handle page fault for address: ffffed1029c40001
> [ 185.665134][ T8332] #PF: supervisor read access in kernel mode
> [ 185.665877][ T8332] #PF: error_code(0x0000) - not-present page
> [ 185.666481][ T8332] PGD 7ffd0067 P4D 7ffd0067 PUD 3fff5067 PMD 0
> [ 185.667129][ T8332] Oops: 0000 [#1] PREEMPT SMP KASAN
> [ 185.667719][ T8332] CPU: 1 PID: 8332 Comm: poc Not tainted 6.7.0-g052d534373b7 #19
> [ 185.668641][ T8332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
> [ 185.669639][ T8332] RIP: 0010:__skb_flow_dissect (net/core/flow_dissector.c:1170 (discriminator 1))

Looks like the syzbot report [1] on 01 Jan 2024, and decoding the test
result of a debug patch [2] is welcome.

Hillf

[1] https://lore.kernel.org/lkml/000000000000498a02060de59162@xxxxxxxxxx/
[2] https://lore.kernel.org/lkml/00000000000078d073060f4b51e7@xxxxxxxxxx/
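The faulting address in the quoted oops, ffffed1029c40001, is not a pointer the flow dissector itself dereferenced: on x86-64 with generic KASAN it falls inside the KASAN shadow region (ffffec0000000000 to fffffbffffffffff), so the #PF was raised by KASAN's instrumentation while it read the shadow byte for the real load. The following C program is an added worked example, not part of this thread or of the kernel, that maps the shadow address back to the memory address being checked. It assumes the default generic-KASAN layout (KASAN_SHADOW_OFFSET 0xdffffc0000000000, one shadow byte per 8 bytes of memory) and the non-KASLR direct-map base 0xffff888000000000; with KASLR the recovered virtual address is still correct, but the physical-offset interpretation is only an estimate.

```c
/*
 * Added example (not from the mailing-list thread): decode an x86-64
 * generic-KASAN shadow address from a "unable to handle page fault" oops
 * back to the kernel address whose shadow byte was being read.
 *
 * Assumptions (all are the default x86-64 values, not taken from the report):
 *   KASAN_SHADOW_OFFSET = 0xdffffc0000000000, KASAN_SHADOW_SCALE_SHIFT = 3
 *   direct map (4-level paging, no KASLR) = ffff888000000000 - ffffc87fffffffff
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define KASAN_SHADOW_SCALE_SHIFT 3
#define KASAN_SHADOW_OFFSET      0xdffffc0000000000ULL
/* shadow = (addr >> 3) + offset, so the shadow of the kernel half spans: */
#define KASAN_SHADOW_START (KASAN_SHADOW_OFFSET + (0xffff800000000000ULL >> KASAN_SHADOW_SCALE_SHIFT))
#define KASAN_SHADOW_END   (KASAN_SHADOW_OFFSET + (0xffffffffffffffffULL >> KASAN_SHADOW_SCALE_SHIFT))

#define DIRECT_MAP_START 0xffff888000000000ULL   /* assumed: no KASLR */
#define DIRECT_MAP_END   0xffffc87fffffffffULL

struct fault_decode {
    bool     is_shadow;   /* fault address lies in the KASAN shadow region */
    uint64_t mem;         /* start of the 8-byte granule the shadow byte covers */
    bool     in_direct_map;
    uint64_t phys;        /* physical offset if mem is in the direct map */
};

static bool is_kasan_shadow(uint64_t va)
{
    return va >= KASAN_SHADOW_START && va <= KASAN_SHADOW_END;
}

/* Inverse of kasan_mem_to_shadow(): recovers the granule-aligned memory address. */
static uint64_t kasan_shadow_to_mem(uint64_t shadow)
{
    return (shadow - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT;
}

static bool in_direct_map(uint64_t va)
{
    return va >= DIRECT_MAP_START && va <= DIRECT_MAP_END;
}

static struct fault_decode decode_fault(uint64_t fault_va)
{
    struct fault_decode d = { 0 };

    d.is_shadow = is_kasan_shadow(fault_va);
    if (!d.is_shadow)
        return d;                      /* a plain bad pointer; nothing to unwrap */

    d.mem = kasan_shadow_to_mem(fault_va);
    d.in_direct_map = in_direct_map(d.mem);
    if (d.in_direct_map)
        d.phys = d.mem - DIRECT_MAP_START;
    return d;
}

int main(void)
{
    /* Value copied from the quoted oops ("unable to handle page fault for address"). */
    const uint64_t fault_va = 0xffffed1029c40001ULL;
    struct fault_decode d = decode_fault(fault_va);

    printf("fault %#llx: %s\n", (unsigned long long)fault_va,
           d.is_shadow ? "KASAN shadow address" : "not a shadow address");
    if (d.is_shadow) {
        printf("  shadow byte covers memory at %#llx\n", (unsigned long long)d.mem);
        if (d.in_direct_map)
            printf("  direct map -> physical offset %#llx (~%llu MiB)\n",
                   (unsigned long long)d.phys,
                   (unsigned long long)(d.phys >> 20));
    }
    return 0;
}
```

Run against the reported address this yields memory address ffff88814e200008, about 5.2 GiB into the direct map. KASAN only populates shadow pages for memory that actually exists, so a not-present fault in the shadow region is consistent with __skb_flow_dissect following a pointer into physical memory the QEMU guest does not have; the shadow fault preempts the real access, which is why the report shows a raw oops rather than a KASAN use-after-free or out-of-bounds report. Which structure held that pointer is not determinable from the quoted lines alone.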