shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-03-25 03:50:24 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
8bf567b63c2afcc482041564d0ad0c4c2bf8cb09
linux/kernel
History
Yafang Shao c96c67991a bpf: Fix issue in verifying allow_ptr_leaks 
commit d75e30dddf upstream.

After we converted the capabilities of our networking-bpf program from
cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program
failed to start. Because it failed the bpf verifier, and the error log
is "R3 pointer comparison prohibited".

A simple reproducer as follows,

SEC("cls-ingress")
int ingress(struct __sk_buff *skb)
{
	struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethhdr);

	if ((long)(iph + 1) > (long)skb->data_end)
		return TC_ACT_STOLEN;
	return TC_ACT_OK;
}

Per discussion with Yonghong and Alexei [1], comparison of two packet
pointers is not a pointer leak. This patch fixes it.

Our local kernel is 6.1.y and we expect this fix to be backported to
6.1.y, so stable is CCed.

[1]. https://lore.kernel.org/bpf/CAADnVQ+Nmspr7Si+pxWn8zkE7hX-7s93ugwC+94aXSy4uQ9vBg@mail.gmail.com/

Suggested-by: Yonghong Song <yonghong.song@linux.dev>
Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20230823020703.3790-2-laoar.shao@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-09-13 09:43:02 +02:00
..
bpf
bpf: Fix issue in verifying allow_ptr_leaks
2023-09-13 09:43:02 +02:00
cgroup
cgroup:namespace: Remove unused cgroup_namespaces_init()
2023-09-13 09:42:56 +02:00
configs
Kbuild: add Rust support
2022-09-28 09:02:20 +02:00
debug
mm: remove vmacache
2022-09-26 19:46:18 -07:00
dma
dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
2023-08-23 17:52:21 +02:00
entry
entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up
2023-03-30 12:49:13 +02:00
events
perf: Fix function pointer case
2023-08-11 12:08:09 +02:00
futex
futex: Fix futex_waitv() hrtimer debug object leak on kcalloc error
2023-01-04 11:28:58 +01:00
gcov
gcov: add support for checksum field
2022-12-31 13:33:11 +01:00
irq
x86/pci/xen: populate MSI sysfs entries
2023-05-30 14:03:22 +01:00
kcsan
kcsan: Don't expect 64 bits atomic builtins from 32 bits architectures
2023-07-19 16:21:37 +02:00
livepatch
Merge tag 'livepatching-for-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching
2022-10-10 11:36:19 -07:00
locking
lockdep: fix static memory detection even more
2023-09-02 09:16:19 +02:00
module
modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
2023-09-06 21:27:00 +01:00
power
PM: QoS: Restore support for default value on frequency QoS
2023-07-23 13:49:45 +02:00
printk
printk: ringbuffer: Fix truncating buffer size min_t cast
2023-09-13 09:43:00 +02:00
rcu
refscale: Fix uninitalized use of wait_queue_head_t
2023-09-13 09:42:28 +02:00
sched
sched/rt: Fix sysctl_sched_rr_timeslice intial value
2023-09-13 09:42:29 +02:00
time
tick/rcu: Fix false positive "softirq work is pending" messages
2023-09-13 09:42:57 +02:00
trace
tracing: Fix race issue between cpu buffer write and swap
2023-09-13 09:42:57 +02:00
.gitignore
acct.c
acct: fix potential integer overflow in encode_comp_t()
2022-12-31 13:32:58 +01:00
async.c
Revert "module, async: async_synchronize_full() on module init iff async is used"
2022-02-03 11:20:34 -08:00
audit_fsnotify.c
audit: fix potential double free on error path from fsnotify_add_inode_mark
2022-08-22 18:50:06 -04:00
audit_tree.c
audit: use fsnotify group lock helpers
2022-04-25 14:37:28 +02:00
audit_watch.c
audit_init_parent(): constify path
2022-09-01 17:39:30 -04:00
audit.c
audit: use time_after to compare time
2022-08-29 19:47:03 -04:00
audit.h
audit: remove selinux_audit_rule_update() declaration
2022-09-07 11:30:15 -04:00
auditfilter.c
Merge tag 'audit-pr-20220110' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2022-01-11 13:08:21 -08:00
auditsc.c
audit: fix possible soft lockup in __audit_inode_child()
2023-09-13 09:42:42 +02:00
backtracetest.c
bounds.c
mm: multi-gen LRU: minimal implementation
2022-09-26 19:46:09 -07:00
capability.c
xfs: don't generate selinux audit messages for capability testing
2022-03-09 10:32:06 -08:00
cfi.c
cfi: Switch to -fsanitize=kcfi
2022-09-26 10:13:13 -07:00
compat.c
sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
2023-04-06 12:10:40 +02:00
configs.c
context_tracking.c
context_tracking: Fix noinstr vs KASAN
2023-03-10 09:33:45 +01:00
cpu_pm.c
context_tracking: Take IRQ eqs entrypoints over RCU
2022-07-05 13:32:59 -07:00
cpu.c
cpu/hotplug: Prevent self deadlock on CPU hot-unplug
2023-09-13 09:43:00 +02:00
crash_core.c
vmcoreinfo: add kallsyms_num_syms symbol
2022-08-28 14:02:44 -07:00
crash_dump.c
cred.c
x86: Mark __invalid_creds() __noreturn
2022-03-15 10:32:44 +01:00
delayacct.c
delayacct: support re-entrance detection of thrashing accounting
2022-09-26 19:46:07 -07:00
dma.c
exec_domain.c
exit.c
exit: Detect and fix irq disabled state in oops
2023-03-10 09:33:45 +01:00
extable.c
context_tracking: Take NMI eqs entrypoints over RCU
2022-07-05 13:32:59 -07:00
fail_function.c
kernel/fail_function: fix memory leak with using debugfs_lookup()
2023-03-11 13:55:39 +01:00
fork.c
mm: Move mm_cachep initialization to mm_init()
2023-08-08 20:03:49 +02:00
freezer.c
freezer,sched: Rewrite core freezer logic
2022-09-07 21:53:50 +02:00
gen_kheaders.sh
kbuild: build init/built-in.a just once
2022-09-29 04:40:15 +09:00
groups.c
security: Add LSM hook to setgroups() syscall
2022-07-15 18:21:49 +00:00
hung_task.c
sched: Fix more TASK_state comparisons
2022-09-30 16:50:39 +02:00
iomem.c
irq_work.c
irq_work: use kasan_record_aux_stack_noalloc() record callstack
2022-04-15 14:49:55 -07:00
jump_label.c
jump_label: make initial NOP patching the special case
2022-06-24 09:48:55 +02:00
kallsyms_internal.h
kallsyms: Improve the performance of kallsyms_lookup_name()
2023-07-27 08:50:39 +02:00
kallsyms.c
kallsyms: Fix kallsyms_selftest failure
2023-09-02 09:16:19 +02:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
locking/rwlock: Provide RT variant
2021-08-17 17:50:51 +02:00
Kconfig.preempt
Revert "signal, x86: Delay calling signals in atomic on RT enabled kernels"
2022-03-31 10:36:55 +02:00
kcov.c
kcov: kmsan: unpoison area->list in kcov_remote_area_put()
2022-10-03 14:03:23 -07:00
kexec_core.c
kexec: fix a memory leak in crash_shrink_memory()
2023-07-19 16:21:08 +02:00
kexec_elf.c
kexec_file.c
kexec: support purgatories with .text.hot sections
2023-06-21 16:00:55 +02:00
kexec_internal.h
panic, kexec: make __crash_kexec() NMI safe
2022-09-11 21:55:06 -07:00
kexec.c
panic, kexec: make __crash_kexec() NMI safe
2022-09-11 21:55:06 -07:00
kheaders.c
kheaders: Use array declaration instead of char
2023-05-11 23:03:02 +09:00
kmod.c
kprobes.c
kprobes: Prohibit probing on CFI preamble symbol
2023-09-13 09:42:23 +02:00
ksysfs.c
kexec: turn all kexec_mutex acquisitions into trylocks
2022-09-11 21:55:06 -07:00
kthread.c
Merge tag 'interrupting_kthread_stop-for-v5.20' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2022-10-09 16:01:59 -07:00
latencytop.c
latencytop: use the last element of latency_record of system
2022-09-11 21:55:12 -07:00
Makefile
cfi: Fix CFI failure with KASAN
2022-12-31 13:33:08 +01:00
module_signature.c
notifier.c
notifier: Add blocking/atomic_notifier_chain_register_unique_prio()
2022-05-19 19:30:30 +02:00
nsproxy.c
Revert "fs/exec: allow to unshare a time namespace on vfork+exec"
2022-09-13 10:38:43 -07:00
padata.c
padata: Fix list iterator in padata_do_serial()
2022-12-31 13:32:34 +01:00
panic.c
panic: fix the panic_print NMI backtrace setting
2023-03-10 09:34:25 +01:00
params.c
kobject: remove kset from struct kset_uevent_ops callbacks
2021-12-28 11:26:18 +01:00
pid_namespace.c
rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
2023-03-10 09:32:52 +01:00
pid.c
gfs2: Add glockfd debugfs file
2022-06-29 13:07:16 +02:00
profile.c
kernel/profile.c: simplify duplicated code in profile_setup()
2022-09-11 21:55:12 -07:00
ptrace.c
freezer,sched: Rewrite core freezer logic
2022-09-07 21:53:50 +02:00
range.c
reboot.c
kernel/reboot: Add SYS_OFF_MODE_RESTART_PREPARE mode
2022-10-04 15:59:36 +02:00
regset.c
relay.c
relayfs: fix out-of-bounds access in relay_file_read
2023-05-11 23:03:03 +09:00
resource_kunit.c
resource.c
PCI: Allow drivers to request exclusive config regions
2023-09-13 09:42:46 +02:00
rseq.c
rseq: Use pr_warn_once() when deprecated/unknown ABI flags are encountered
2022-11-14 09:58:32 +01:00
scftorture.c
scftorture: Fix distribution of short handler delays
2022-04-11 17:07:29 -07:00
scs.c
kasan, vmalloc: only tag normal vmalloc allocations
2022-03-24 19:06:48 -07:00
seccomp.c
seccomp: Add wait_killable semantic to seccomp user notifier
2022-05-03 14:11:58 -07:00
signal.c
mm: suppress mm fault logging if fatal signal already pending
2023-08-03 10:24:01 +02:00
smp.c
Merge tag 'bitmap-6.1-rc1' of https://github.com/norov/linux
2022-10-10 12:49:34 -07:00
smpboot.c
smpboot: use atomic_try_cmpxchg in cpu_wait_death and cpu_report_death
2022-09-11 21:55:10 -07:00
smpboot.h
softirq.c
context_tracking: Take IRQ eqs entrypoints over RCU
2022-07-05 13:32:59 -07:00
stackleak.c
stackleak: add on/off stack variants
2022-05-08 01:33:09 -07:00
stacktrace.c
uaccess: remove CONFIG_SET_FS
2022-02-25 09:36:06 +01:00
static_call_inline.c
static_call: Don't make __static_call_return0 static
2022-04-05 09:59:38 +02:00
static_call.c
static_call: Don't make __static_call_return0 static
2022-04-05 09:59:38 +02:00
stop_machine.c
Merge tag 'sched-core-2022-05-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2022-05-24 11:11:13 -07:00
sys_ni.c
kernel/sys_ni: add compat entry for fadvise64_64
2022-08-20 15:17:45 -07:00
sys.c
kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
2023-04-26 14:28:39 +02:00
sysctl-test.c
kernel/sysctl-test: use SYSCTL_{ZERO/ONE_HUNDRED} instead of i_{zero/one_hundred}
2022-09-08 16:56:45 -07:00
sysctl.c
proc: proc_skip_spaces() shouldn't think it is working on C strings
2022-12-05 12:09:06 -08:00
task_work.c
task_work: use try_cmpxchg in task_work_add, task_work_cancel_match and task_work_run
2022-09-11 21:55:10 -07:00
taskstats.c
genetlink: start to validate reserved header bytes
2022-08-29 12:47:15 +01:00
torture.c
torture: Fix hang during kthread shutdown phase
2023-03-10 09:34:07 +01:00
tracepoint.c
tracepoint: Optimize the critical region of mutex_lock in tracepoint_module_coming()
2022-09-26 13:01:18 -04:00
tsacct.c
taskstats: version 12 with thread group and exe info
2022-04-29 14:38:03 -07:00
ucount.c
ucounts: Split rlimit and ucount values and max values
2022-05-18 18:24:57 -05:00
uid16.c
uid16.h
umh.c
freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL
2023-02-22 12:59:50 +01:00
up.c
user_namespace.c
Merge tag 'ucount-rlimits-cleanups-for-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2022-10-09 16:24:05 -07:00
user-return-notifier.c
user.c
fs/epoll: use a per-cpu counter for user's watches count
2021-09-08 11:50:27 -07:00
usermode_driver.c
blob_to_mnt(): kern_unmount() is needed to undo kern_mount()
2022-05-19 23:25:47 -04:00
utsname_sysctl.c
kernel/utsname_sysctl.c: Fix hostname polling
2022-10-23 12:01:01 -07:00
utsname.c
watch_queue.c
watch_queue: prevent dangling pipe pointer
2023-07-19 16:22:10 +02:00
watchdog_hld.c
watchdog/perf: more properly prevent false positives with turbo modes
2023-07-19 16:21:08 +02:00
watchdog.c
Merge tag 'powerpc-6.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
2022-08-06 16:38:17 -07:00
workqueue_internal.h
workqueue: Assign a color to barrier work items
2021-08-17 07:49:10 -10:00
workqueue.c
workqueue: clean up WORK_* constant types, clarify masking
2023-07-23 13:49:19 +02:00