asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/drivers/net/usb
History
Phong Tran ca37b9a746 net: usb: asix: init MAC address buffers 
[ Upstream commit 78226f6eaac80bf30256a33a4926c194ceefdf36 ]

This is for fixing bug KMSAN: uninit-value in ax88772_bind

Tested by
https://groups.google.com/d/msg/syzkaller-bugs/aFQurGotng4/eB_HlNhhCwAJ

Reported-by: syzbot+8a3fc6674bbc3978ed4e@syzkaller.appspotmail.com

syzbot found the following crash on:

HEAD commit:    f75e4cfe kmsan: use kmsan_handle_urb() in urb.c
git tree:       kmsan
console output: https://syzkaller.appspot.com/x/log.txt?x=136d720ea00000
kernel config:
https://syzkaller.appspot.com/x/.config?x=602468164ccdc30a
dashboard link:
https://syzkaller.appspot.com/bug?extid=8a3fc6674bbc3978ed4e
compiler:       clang version 9.0.0 (/home/glider/llvm/clang
06d00afa61eef8f7f501ebdb4e8612ea43ec2d78)
syz repro:
https://syzkaller.appspot.com/x/repro.syz?x=12788316a00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=120359aaa00000

==================================================================
BUG: KMSAN: uninit-value in is_valid_ether_addr
include/linux/etherdevice.h:200 [inline]
BUG: KMSAN: uninit-value in asix_set_netdev_dev_addr
drivers/net/usb/asix_devices.c:73 [inline]
BUG: KMSAN: uninit-value in ax88772_bind+0x93d/0x11e0
drivers/net/usb/asix_devices.c:724
CPU: 0 PID: 3348 Comm: kworker/0:2 Not tainted 5.1.0+ #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Workqueue: usb_hub_wq hub_event
Call Trace:
  __dump_stack lib/dump_stack.c:77 [inline]
  dump_stack+0x191/0x1f0 lib/dump_stack.c:113
  kmsan_report+0x130/0x2a0 mm/kmsan/kmsan.c:622
  __msan_warning+0x75/0xe0 mm/kmsan/kmsan_instr.c:310
  is_valid_ether_addr include/linux/etherdevice.h:200 [inline]
  asix_set_netdev_dev_addr drivers/net/usb/asix_devices.c:73 [inline]
  ax88772_bind+0x93d/0x11e0 drivers/net/usb/asix_devices.c:724
  usbnet_probe+0x10f5/0x3940 drivers/net/usb/usbnet.c:1728
  usb_probe_interface+0xd66/0x1320 drivers/usb/core/driver.c:361
  really_probe+0xdae/0x1d80 drivers/base/dd.c:513
  driver_probe_device+0x1b3/0x4f0 drivers/base/dd.c:671
  __device_attach_driver+0x5b8/0x790 drivers/base/dd.c:778
  bus_for_each_drv+0x28e/0x3b0 drivers/base/bus.c:454
  __device_attach+0x454/0x730 drivers/base/dd.c:844
  device_initial_probe+0x4a/0x60 drivers/base/dd.c:891
  bus_probe_device+0x137/0x390 drivers/base/bus.c:514
  device_add+0x288d/0x30e0 drivers/base/core.c:2106
  usb_set_configuration+0x30dc/0x3750 drivers/usb/core/message.c:2027
  generic_probe+0xe7/0x280 drivers/usb/core/generic.c:210
  usb_probe_device+0x14c/0x200 drivers/usb/core/driver.c:266
  really_probe+0xdae/0x1d80 drivers/base/dd.c:513
  driver_probe_device+0x1b3/0x4f0 drivers/base/dd.c:671
  __device_attach_driver+0x5b8/0x790 drivers/base/dd.c:778
  bus_for_each_drv+0x28e/0x3b0 drivers/base/bus.c:454
  __device_attach+0x454/0x730 drivers/base/dd.c:844
  device_initial_probe+0x4a/0x60 drivers/base/dd.c:891
  bus_probe_device+0x137/0x390 drivers/base/bus.c:514
  device_add+0x288d/0x30e0 drivers/base/core.c:2106
  usb_new_device+0x23e5/0x2ff0 drivers/usb/core/hub.c:2534
  hub_port_connect drivers/usb/core/hub.c:5089 [inline]
  hub_port_connect_change drivers/usb/core/hub.c:5204 [inline]
  port_event drivers/usb/core/hub.c:5350 [inline]
  hub_event+0x48d1/0x7290 drivers/usb/core/hub.c:5432
  process_one_work+0x1572/0x1f00 kernel/workqueue.c:2269
  process_scheduled_works kernel/workqueue.c:2331 [inline]
  worker_thread+0x189c/0x2460 kernel/workqueue.c:2417
  kthread+0x4b5/0x4f0 kernel/kthread.c:254
  ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355

Signed-off-by: Phong Tran <tranmanphong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-07-26 09:14:15 +02:00
..
asix.h
asix_common.c asix: Check for supported Wake-on-LAN modes 2018-09-29 11:31:29 -07:00
asix_devices.c net: usb: asix: init MAC address buffers 2019-07-26 09:14:15 +02:00
ax88172a.c
ax88179_178a.c ax88179_178a: Check for supported Wake-on-LAN modes 2018-09-29 11:31:29 -07:00
catc.c net: usb: Mark expected switch fall-throughs 2018-06-30 20:47:16 +09:00
cdc-phonet.c net: usb: Mark expected switch fall-throughs 2018-06-30 20:47:16 +09:00
cdc_eem.c net: cdc_eem: clean up bind error path 2018-03-07 15:39:27 -05:00
cdc_ether.c cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN 2018-04-11 10:36:38 -04:00
cdc_mbim.c net: usb: cdc_mbim: add flag FLAG_SEND_ZLP 2018-06-01 14:01:42 -04:00
cdc_ncm.c net/usb/drivers: Remove useless hrtimer_active check 2018-06-20 09:05:44 +09:00
cdc_subset.c
ch9200.c
cx82310_eth.c
dm9601.c
gl620a.c
hso.c USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data 2018-12-29 13:37:54 +01:00
huawei_cdc_ncm.c
int51x1.c
ipheth.c usbnet: ipheth: fix racing condition 2019-06-19 08:18:04 +02:00
kalmia.c net: kalmia: clean up bind error path 2018-03-07 15:39:27 -05:00
kaweth.c net: usb: kaweth: use irqsave() in USB's complete callback 2018-06-22 13:57:45 +09:00
Kconfig lan78xx: Lan7801 Support for Fixed PHY 2018-04-29 21:41:01 -04:00
lan78xx.c lan78xx: Resolve issue with changing MAC address 2019-01-13 09:51:02 +01:00
lan78xx.h
lg-vl600.c net: drivers/net: Remove unnecessary skb_copy_expand OOM messages 2018-03-15 14:28:03 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mcs7830.c
net1080.c
pegasus.c net: usb: pegasus: Replace mdelay() with msleep() in setup_pegasus_II() 2018-07-27 13:45:15 -07:00
pegasus.h
plusb.c
qmi_wwan.c qmi_wwan: extend permitted QMAP mux_id value range 2019-07-14 08:11:13 +02:00
r8152.c r8152: Check for supported Wake-on-LAN Modes 2018-09-29 11:31:29 -07:00
rndis_host.c rndis_host: support Novatel Verizon USB730L 2017-10-03 14:30:46 -07:00
rtl8150.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux 2018-07-20 21:17:12 -07:00
sierra_net.c net: usb: Convert timers to use timer_setup() 2017-10-18 12:40:26 +01:00
smsc75xx.c net/usb: cancel pending work when unbinding smsc75xx 2018-10-04 13:51:30 -07:00
smsc75xx.h
smsc95xx.c usbnet: smsc95xx: fix rx packet alignment 2019-02-12 19:47:00 +01:00
smsc95xx.h
sr9700.c net: usb: sr9700: Replace mdelay() with msleep() in sr9700_bind() 2018-07-27 13:45:15 -07:00
sr9700.h
sr9800.c sr9800: Check for supported Wake-on-LAN modes 2018-09-29 11:31:29 -07:00
sr9800.h
usbnet.c usbnet: fix kernel crash after disconnect 2019-06-04 08:02:32 +02:00
zaurus.c