wonderful-mobile/exynos-linux-stable
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exynos-linux-stable/include/linux/can
History
Exact
Oliver Hartkopp b6b0964921 can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs 
commit e7153bf70c3496bac00e7e4f395bb8d8394ac0ea upstream.

KMSAN sysbot detected a read access to an untinitialized value in the
headroom of an outgoing CAN related sk_buff. When using CAN sockets this
area is filled appropriately - but when using a packet socket this
initialization is missing.

The problematic read access occurs in the CAN receive path which can
only be triggered when the sk_buff is sent through a (virtual) CAN
interface. So we check in the sending path whether we need to perform
the missing initializations.

Fixes: d3b58c47d3 ("can: replace timestamp as unique skb attribute")
Reported-by: syzbot+b02ff0707a97e4e79ebb@syzkaller.appspotmail.com
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
Tested-by: Oliver Hartkopp <socketcan@hartkopp.net>
Cc: linux-stable <stable@vger.kernel.org> # >= v4.1
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-01-14 20:04:28 +01:00
..
platform can: unify identifiers to ensure unique include processing 2014-05-19 09:38:24 +02:00
core.h can: Fix kernel panic at security_sock_rcv_skb 2017-02-18 15:11:40 +01:00
dev.h can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs 2020-01-14 20:04:28 +01:00
led.h can: headers: make header files self contained 2015-09-21 08:38:22 +02:00
skb.h can: replace timestamp as unique skb attribute 2015-07-12 21:13:22 +02:00