linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 12:17:12 +09:00

Go to file

Andrey Ignatov caee4103f0 bpf: Support variable offset stack access from helpers

commit 2011fccfb6 upstream.

Currently there is a difference in how verifier checks memory access for
helper arguments for PTR_TO_MAP_VALUE and PTR_TO_STACK with regard to
variable part of offset.

check_map_access, that is used for PTR_TO_MAP_VALUE, can handle variable
offsets just fine, so that BPF program can call a helper like this:

  some_helper(map_value_ptr + off, size);

, where offset is unknown at load time, but is checked by program to be
in a safe rage (off >= 0 && off + size < map_value_size).

But it's not the case for check_stack_boundary, that is used for
PTR_TO_STACK, and same code with pointer to stack is rejected by
verifier:

  some_helper(stack_value_ptr + off, size);

For example:
  0: (7a) *(u64 *)(r10 -16) = 0
  1: (7a) *(u64 *)(r10 -8) = 0
  2: (61) r2 = *(u32 *)(r1 +0)
  3: (57) r2 &= 4
  4: (17) r2 -= 16
  5: (0f) r2 += r10
  6: (18) r1 = 0xffff888111343a80
  8: (85) call bpf_map_lookup_elem#1
  invalid variable stack read R2 var_off=(0xfffffffffffffff0; 0x4)

Add support for variable offset access to check_stack_boundary so that
if offset is checked by program to be in a safe range it's accepted by
verifier.

Signed-off-by: Andrey Ignatov <rdna@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
[OP: replace reg_state(env, regno) helper with "cur_regs(env) + regno"]
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2021-09-22 11:47:58 +02:00

arch

xen: fix setting of max_pfn in shared_info

2021-09-22 11:47:57 +02:00

block

blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN

2021-09-22 11:47:57 +02:00

certs

certs: Trigger creation of RSA module signing key if it's not an RSA key

2021-09-22 11:47:51 +02:00

crypto

crypto: shash - avoid comparing pointers to exported functions under CFI

2021-07-20 16:15:44 +02:00

Documentation

locks: print a warning when mount fails due to lack of "mand" support

2021-08-26 08:36:49 -04:00

drivers

PCI/MSI: Skip masking MSI-X on Xen PV

2021-09-22 11:47:57 +02:00

firmware

Fix built-in early-load Intel microcode alignment

2020-01-23 08:21:29 +01:00

btrfs: reset replace target device to allocation state on close

2021-09-22 11:47:57 +02:00

include

bpf/verifier: per-register parent pointers

2021-09-22 11:47:58 +02:00

init

pid: take a reference when initializing cad_pid

2021-06-10 13:24:06 +02:00

ipc

ipc/util.c: sysvipc_find_ipc() incorrectly updates position index

2020-05-20 08:18:40 +02:00

kernel

bpf: Support variable offset stack access from helpers

2021-09-22 11:47:58 +02:00

lib

lib/mpi: use kcalloc in mpi_resize

2021-09-22 11:47:51 +02:00

LICENSES

LICENSES: Remove CC-BY-SA-4.0 license text

2018-10-18 11:28:50 +02:00

mm/page_alloc: speed up the iteration of max_order

2021-09-22 11:47:48 +02:00

net

9p/xen: Fix end of loop tests for list_for_each_entry

2021-09-22 11:47:57 +02:00

samples

samples/bpf: Fix the error return code of xdp_redirect's main()

2021-07-20 16:15:51 +02:00

scripts

scripts/tracing: fix the bug that can't parse raw_trace_func

2021-08-12 13:19:42 +02:00

security

IMA: remove the dependency on CRYPTO_MD5

2021-09-22 11:47:56 +02:00

sound

ALSA: usb-audio: Add registration quirk for JBL Quantum 800

2021-09-22 11:47:48 +02:00

tools

bpf: correct slot_type marking logic to allow more stack slot sharing

2021-09-22 11:47:58 +02:00

usr

initramfs: restore default compression behavior

2020-04-13 10:44:59 +02:00

virt

KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped()

2021-07-28 11:13:51 +02:00

.clang-format

clang-format: Set IndentWrappedFunctionNames false

2018-08-01 18:38:51 +02:00

.cocciconfig

scripts: add Linux .cocciconfig for coccinelle

2016-07-22 12:13:39 +02:00

.get_maintainer.ignore

Add hch to .get_maintainer.ignore

2015-08-21 14:30:10 -07:00

.gitattributes

.gitattributes: set git diff driver for C source code files

2016-10-07 18:46:30 -07:00

.gitignore

Merge tag 'kbuild-v4.17-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2018-04-15 17:21:30 -07:00

.mailmap

Merge tag 'libnvdimm-for-4.19_misc' of gitolite.kernel.org:pub/scm/linux/kernel/git/nvdimm/nvdimm

2018-08-25 18:13:10 -07:00

COPYING

COPYING: use the new text with points to the license files

2018-03-23 12:41:45 -06:00

CREDITS

9p: remove Ron Minnich from MAINTAINERS

2018-08-17 16:20:26 -07:00

Kbuild

Merge tag 'kbuild-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2017-11-17 17:45:29 -08:00

Kconfig

kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt

2018-08-02 08:06:55 +09:00

MAINTAINERS

Documentation/llvm: add documentation on building w/ Clang/LLVM

2020-09-26 18:01:31 +02:00

Makefile

Linux 4.19.206

2021-09-03 09:58:03 +02:00

README

Docs: Added a pointer to the formatted docs to README

2018-03-21 09:02:53 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.