From nobody Fri Jun 19 22:18:18 2026 Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3F278331A78 for ; Tue, 21 Apr 2026 07:37:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776757069; cv=none; b=kQzhvxP+G5EjTmiqPiqgzEBr8y4hf/u54+Gf7Zznnio5mjsnIQ0nop7Cz5B8Q1UB1lCQRfZQHO2rlidjafZUBr/EKkzIpBGryceX+/tilDle2aC+DDRx1uPuoV4V+4aObWEJtG7y35nHFM9GyDhDEOs3YwRXY4DJrkW/z+loa0U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776757069; c=relaxed/simple; bh=rt4wqxwDz7bsDxeraQEO0K5hU8JIJcUXKnSVXRUwNTw=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=UT91ceNAWCftKky5BnKFTeqYrufIyiGjDKr3lSiGaqC8HUQhD5tD3gEoOk2m/RKm1AY/b35q/YcmEncZpSHLIWX+r8xjbkTYUwE+mPUXeqej3eCTOsI1a2SF+rgqtKqnALnZqGPL3AKSlHIixrgg7/GX5arJAM26B2HkVYp8tI4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=WWXGP0GI; arc=none smtp.client-ip=209.85.128.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="WWXGP0GI" Received: by mail-wm1-f41.google.com with SMTP id 5b1f17b1804b1-488b8bc6bc9so26859915e9.3 for ; Tue, 21 Apr 2026 00:37:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1776757067; x=1777361867; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=Q9MSpkDs/YA1OHYfaSUQ5bT/WJy5enL5wzyN0Hj8Q2s=; b=WWXGP0GIQ24RyQosqY0cq0/RzQfNrVMcW0JIwJL9Tf36FLaTiZnEj17M0m+OgK40y5 4d5RIMDijF5gssP5ElMMokTF1Ev1cu3Ig4oUG5MLIo4pDXkep0iBo5H3iag3sM7vYApl upNH72xlWI30KWnblYn+zu3ikW+K77A0pJg3mIrhsxH+/gSgNgcWs/xBvEJtacJzsOA5 rDbZG4ltoZ7umlVKCYysTC5veGltc+2UxlIMwja5ic+EWrrvYmBEIRwNuG2SF/sW8H6O +Oi1/luEoCO3z+O0nZoJAeUNTaFQQuC9cNdT4slKRUI/xcBC9hFpaohVzA7kbHdZCV8e II0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776757067; x=1777361867; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=Q9MSpkDs/YA1OHYfaSUQ5bT/WJy5enL5wzyN0Hj8Q2s=; b=BvHpL9eF3FPpc1UPw0cvbyk1NusN/do4oyZCplVP9tZoyrAuYHs+vkz7XimT8R/Jk2 cELprueFSuiV6jwQkdkR2+dccpIiZkrl18uKuo5wyM0D12s3qJqe4L43Umb+ZcKj2MmS 6bv81pvBwQtw+g5HbLGz64ASLU/uJj+r1FZ/RKYiRyDPWcMgKmX8JGF5odLHrvWluDbR 27yipgIERNZV7mtnh64jIzXoRSigeZtKZMGDiG0w+kAwQbikm1Z1DOzO46MGEqC+j/b1 O5gKE19Cf4cWJJXFdT20ufUnz9adIM7aiwA0FuT1xnNfSxa6KCA3+pXnIO8j2/k4fsvF N2AA== X-Forwarded-Encrypted: i=1; AFNElJ/90GVL8CnLokvtwmgoH8rNvBozBtJ4+/n+3l9BgE79aSbyejh37PcdNxvHUKD0rLB8RLUSRVODmS3UBbM=@vger.kernel.org X-Gm-Message-State: AOJu0YxxH7jg1Y17fCCeflKxCynoGXTYITivPdDUmehtPVZ56sbsvRtk /v0JyD5Rk9C2j8ThMmL/RljU9g61BekM0afa//9siKETpc8Fa4d/RXJL X-Gm-Gg: AeBDieuSIhFbr2nTVbjKAxbxtsAzG07yqs+cWmkDjwZA9tm6JM0Rslj1/DEkipmID7G GTaTari2teS57C+8R+vZ7kGAyOsJBjli0PkcKhsWf3YGSwgfdt/wojqj9medjVuUKUfnnntv8jS le5BQ6Ax+GEn3dEx5OjltsxpvxNFeFToABd7+z6VpUAlln4/f0Ppm7FYWWSpKhcR4llvPA8z52W FYIXEG9XEQTgQk63p1+L/nbNwXNRtD2RFhwlDczrB3yVOY8SaOzR9+jJgiK3SK7V66WSOH5Qyei 4TPa0WPpg79eg0fR/xyG9+wZzTv4CH9B9G2FrYQXroqHHzt5fUTZ2nQDCcWLT5z/yN3LIiofm1R Ely2oZ/N1SjCFUABcA/OZ/orX8ZFH9LQNFc5lNNZFIunh6pnJKRaXrPp5+ejLZaj5p5FOZBg5Bo mnKR4Y8dU4wrfn/+MU0pV35oSfB7qLBQ== X-Received: by 2002:a05:600c:314b:b0:485:3a86:6392 with SMTP id 5b1f17b1804b1-488fb778b66mr217390275e9.20.1776757066300; Tue, 21 Apr 2026 00:37:46 -0700 (PDT) Received: from fedora-dev ([46.10.223.24]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-488fc100162sm373883825e9.5.2026.04.21.00.37.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Apr 2026 00:37:45 -0700 (PDT) From: "Nikola Z. Ivanov" To: kuba@kernel.org, andrew+netdev@lunn.ch, davem@davemloft.net, edumazet@google.com, pabeni@redhat.com Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, "Nikola Z. Ivanov" Subject: [PATCH net] netdevsim: Initialize all fields of ip header when building dummy sk_buff Date: Tue, 21 Apr 2026 10:37:38 +0300 Message-ID: <20260421073738.22110-1-zlatistiv@gmail.com> X-Mailer: git-send-email 2.53.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Syzbot reports a KMSAN uninit-value originating from nsim_dev_trap_skb_build, with the allocation also being performed in the same function. The cause of the KMSAN warning is a missing assignment of the tos and id fields of the ip header. Fix this by calling skb_put_zero instead of skb_put to guarantee null initialization. Additionally remove the now redundant zero assignments and reorder the remaining ones so that they more closely match the order of the fields as they appear in the ip header. Closes: https://syzkaller.appspot.com/bug?extid=3D23d7fcd204e3837866ff Fixes: da58f90f11f5 ("netdevsim: Add devlink-trap support") Signed-off-by: Nikola Z. Ivanov --- There is a very similar function in psample.c called nsim_dev_psample_skb_b= uild which is almost identical to nsim_dev_trap_skb_build except for the allocation flag reflecting its non-interrupt context and the fact it does proper initialization of all fields. Since these 2 are almost identical would it make sense to combine them into 1, possbly by passing the allocation flags as parameters? Thank you in advance for reviewing and answering! drivers/net/netdevsim/dev.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/drivers/net/netdevsim/dev.c b/drivers/net/netdevsim/dev.c index 1e06e781c835..64b7cc3a6575 100644 --- a/drivers/net/netdevsim/dev.c +++ b/drivers/net/netdevsim/dev.c @@ -829,16 +829,14 @@ static struct sk_buff *nsim_dev_trap_skb_build(void) skb->protocol =3D htons(ETH_P_IP); =20 skb_set_network_header(skb, skb->len); - iph =3D skb_put(skb, sizeof(struct iphdr)); - iph->protocol =3D IPPROTO_UDP; - iph->saddr =3D in_aton("192.0.2.1"); - iph->daddr =3D in_aton("198.51.100.1"); - iph->version =3D 0x4; - iph->frag_off =3D 0; + iph =3D skb_put_zero(skb, sizeof(struct iphdr)); iph->ihl =3D 0x5; + iph->version =3D 0x4; iph->tot_len =3D htons(tot_len); iph->ttl =3D 100; - iph->check =3D 0; + iph->protocol =3D IPPROTO_UDP; + iph->saddr =3D in_aton("192.0.2.1"); + iph->daddr =3D in_aton("198.51.100.1"); iph->check =3D ip_fast_csum((unsigned char *)iph, iph->ihl); =20 skb_set_transport_header(skb, skb->len); --=20 2.53.0