[lvc-project] Progress in ticket

Andrey Kalachev kalachev at swemel.ru
Thu Jun 27 18:55:15 MSK 2024


On Thu, Jun 27, 2024 at 01:55:44PM +0200, Michal Switala wrote:
>Hello,
>
>I am currently looking at this bug and checked your reproduction.
>Unfortunately, it doesn't set xfrm transformations in the same way as
>syz reproducer. The effect is that in xfrm_lookup_with_ifid, the packet goes to
>the nopol section instead of notransform as in the original.
>
>Regards
>Michal

Hi Michal.

Most likely system("ip xfrm policy update src 254.136.0.0/0 dst 255.1.0.0/0 dir out flag icmp") does not work.

syzkaller uses Busybox based disk images.

ip is present there (/sbin/ip), but it has limited functionality.
In particular, the xfrm framework commands are not supported.
The original reproducer worked with ipsec/xfrm via netlink.
The rewritten reproducer will work with a Debian-based image with iproute2 installed.
I made a Debian image of bullseye (the easiest way to do that is to use create-image.sh).

Regards,
Andrey
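
An added example, not part of the original message or of either reproducer: a preflight check for the test image that tells a Busybox `ip` applet apart from an `ip` whose `xfrm` object works, so a silently failing `system("ip xfrm ...")` call is caught before the run. The function name `xfrm_preflight` and its verdict strings are hypothetical, and the `dir out` match assumes iproute2's usual policy listing format.

```shell
#!/bin/sh
# Added example (not from the original message): preflight check for the
# test image before trusting a reproducer that shells out to "ip xfrm".
# Run with the same privileges as the reproducer.

# xfrm_preflight [PATH_TO_IP]
# Prints one verdict word and returns: 0 usable, 1 unusable, 2 missing.
xfrm_preflight() {
    ip_bin="${1:-/sbin/ip}"          # /sbin/ip is the path named in the message

    if [ ! -x "$ip_bin" ]; then
        echo "missing"
        return 2
    fi

    # Busybox installs applets as links to one multi-call binary, so a
    # resolved name of "busybox" means this is the limited applet.
    real=$(readlink -f "$ip_bin" 2>/dev/null) || real="$ip_bin"
    case "$(basename "$real")" in
        busybox*)
            echo "busybox"
            return 1
            ;;
    esac

    # Whatever the implementation, the xfrm object must actually work.
    # A failure here is what system() in the reproducer would hide.
    if ! policies=$("$ip_bin" xfrm policy 2>/dev/null); then
        echo "no-xfrm"
        return 1
    fi

    # After the reproducer's "policy update ... dir out" an outbound policy
    # should be listed. Assumption: iproute2 prints "dir out" per policy.
    if printf '%s\n' "$policies" | grep -q 'dir out'; then
        echo "xfrm-out-policy-present"
    else
        echo "xfrm-ok-no-out-policy"
    fi
    return 0
}
```

Calling `xfrm_preflight /sbin/ip` before and after the reproducer's setup step shows whether the policy update took effect on that image.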


