iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d071951e08
linux/kernel
History
Alexei Starovoitov 0ea3c23577 bpf: improve verifier packet range checks 
[ Upstream commit b1977682a3858b5584ffea7cfb7bd863f68db18d ]

llvm can optimize the 'if (ptr > data_end)' checks to be in the order
slightly different than the original C code which will confuse verifier.
Like:
if (ptr + 16 > data_end)
  return TC_ACT_SHOT;
// may be followed by
if (ptr + 14 > data_end)
  return TC_ACT_SHOT;
while llvm can see that 'ptr' is valid for all 16 bytes,
the verifier could not.
Fix verifier logic to account for such case and add a test.

Reported-by: Huapeng Zhou <hzhou@fb.com>
Fixes: 969bf05eb3ce ("bpf: direct packet access")
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-05-03 08:36:35 -07:00
..
bpf
bpf: improve verifier packet range checks
2017-05-03 08:36:35 -07:00
configs
config: android: enable CONFIG_SECCOMP
2016-10-11 15:06:32 -07:00
debug
kernel/debug/debug_core.c: more properly delay for secondary CPUs
2017-01-06 10:40:17 +01:00
events
perf/core: Fix event inheritance on fork()
2017-03-26 13:05:57 +02:00
gcov
gcov: add support for gcc version >= 6
2016-07-15 14:54:27 +09:00
irq
irqdomain: Avoid activating interrupts more than once
2017-02-09 08:08:31 +01:00
livepatch
livepatch/module: make TAINT_LIVEPATCH module-specific
2016-08-26 14:42:08 +02:00
locking
locking/rwsem: Fix down_write_killable() for CONFIG_RWSEM_GENERIC_SPINLOCK=y
2017-03-22 12:43:40 +01:00
power
PM / sleep: fix device reference leak in test_suspend
2016-11-02 05:10:04 +01:00
printk
printk: use rcuidle console tracepoint
2017-02-23 17:44:36 +01:00
rcu
rcu: Narrow early boot window of illegal synchronous grace periods
2017-01-26 08:24:37 +01:00
sched
sched/rt: Add a missing rescheduling point
2017-03-31 10:31:46 +02:00
time
timekeeping: Use deferred printk() in debug code
2017-02-23 17:44:36 +01:00
trace
ring-buffer: Have ring_buffer_iter_empty() return true when empty
2017-04-27 09:10:37 +02:00
.gitignore
acct.c
async.c
audit_fsnotify.c
audit_tree.c
audit: cleanup prune_tree_thread
2016-04-04 09:46:47 -04:00
audit_watch.c
Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/audit
2016-09-01 15:55:56 -07:00
audit.c
Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/audit
2016-10-04 14:21:41 -07:00
audit.h
Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/audit
2016-07-29 17:54:17 -07:00
auditfilter.c
audit: add fields to exclude filter by reusing user filter
2016-06-27 11:01:00 -04:00
auditsc.c
Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/audit
2016-10-04 14:21:41 -07:00
backtracetest.c
bounds.c
capability.c
ptrace: Capture the ptracer's creds not PT_PTRACE_CAP
2017-01-06 10:40:13 +01:00
cgroup_freezer.c
cgroup_pids.c
cgroup/pids: remove spurious suspicious RCU usage warning
2017-03-26 13:05:58 +02:00
cgroup.c
cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups
2017-04-21 09:31:18 +02:00
compat.c
configs.c
context_tracking.c
cpu_pm.c
cpu.c
hotplug: Make register and unregister notifier API symmetric
2017-01-06 10:40:10 +01:00
cpuset.c
Merge branch 'for-4.9' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
2016-10-14 12:18:50 -07:00
crash_dump.c
cred.c
cred: Reject inodes with invalid ids in set_create_file_as()
2016-06-30 18:05:09 -05:00
delayacct.c
dma.c
elfcore.c
exec_domain.c
exit.c
sched/autogroup: Do not use autogroup->tg in zombie threads
2016-11-22 12:33:43 +01:00
extable.c
fork.c
mm: Add a user_ns owner to mm_struct and fix ptrace permission checks
2017-01-06 10:40:13 +01:00
freezer.c
freezer, oom: check TIF_MEMDIE on the correct task
2016-07-28 16:07:41 -07:00
futex_compat.c
futex.c
futex: Add missing error handling to FUTEX_REQUEUE_PI
2017-03-22 12:43:40 +01:00
groups.c
cred: simpler, 1D supplementary groups
2016-10-07 18:46:30 -07:00
hung_task.c
hung_task: allow hung_task_panic when hung_task_warnings is 0
2016-10-11 15:06:33 -07:00
irq_work.c
jump_label.c
jump_labels: API for flushing deferred jump label updates
2017-01-19 20:17:59 +01:00
kallsyms.c
kallsyms: add support for relative offsets in kallsyms address table
2016-03-15 16:55:16 -07:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kcov: add missing #include <linux/sched.h>
2016-12-07 17:10:00 -08:00
kexec_core.c
kexec: add restriction on kexec_load() segment sizes
2016-08-02 19:35:31 -04:00
kexec_file.c
kexec: fix double-free when failing to relocate the purgatory
2016-09-01 17:52:01 -07:00
kexec_internal.h
kexec.c
kexec: allow architectures to override boot mapping
2016-08-02 19:35:27 -04:00
kmod.c
kprobes.c
kprobes: include <asm/sections.h> instead of <asm-generic/sections.h>
2016-10-11 15:06:31 -07:00
ksysfs.c
kexec: add a kexec_crash_loaded() function
2016-08-02 19:35:30 -04:00
kthread.c
cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups
2017-04-21 09:31:18 +02:00
latencytop.c
Makefile
userns: Add per user namespace sysctls.
2016-08-08 13:18:58 -05:00
membarrier.c
Fix: Disable sys_membarrier when nohz_full is enabled
2017-03-12 06:41:45 +01:00
memremap.c
mm, devm_memremap_pages: hold device_hotplug lock over mem_hotplug_{begin, done}
2017-03-12 06:41:43 +01:00
module_signing.c
KEYS: Move the point of trust determination to __key_link()
2016-04-11 22:43:43 +01:00
module-internal.h
module.c
Re-enable CONFIG_MODVERSIONS in a slightly weaker form
2016-11-29 16:01:30 -08:00
notifier.c
nsproxy.c
padata.c
padata: avoid race in reordering
2017-04-08 09:30:36 +02:00
panic.c
x86/panic: replace smp_send_stop() with kdump friendly version in panic path
2016-10-11 15:06:32 -07:00
params.c
pid_namespace.c
pid: fix lockdep deadlock warning due to ucount_lock
2017-01-19 20:18:03 +01:00
pid.c
remove lots of IS_ERR_VALUE abuses
2016-05-27 15:26:11 -07:00
profile.c
profile: Convert to hotplug state machine
2016-07-15 10:41:42 +02:00
ptrace.c
ptrace: fix PTRACE_LISTEN race corrupting task->state
2017-04-12 12:41:12 +02:00
range.c
reboot.c
relay.c
relay: check array offset before using it
2017-01-12 11:39:30 +01:00
resource.c
/proc/iomem: only expose physical resource addresses to privileged users
2016-04-14 12:56:09 -07:00
seccomp.c
seccomp: Fix tracer exit notifications during fatal signals
2016-08-30 16:12:46 -07:00
signal.c
sigaltstack: support SS_AUTODISARM for CONFIG_COMPAT
2017-03-12 06:41:44 +01:00
smp.c
smp: Allocate smp_call_on_cpu() workqueue on stack too
2016-09-22 14:49:10 +02:00
smpboot.c
kthread/smpboot: do not park in kthread_create_on_cpu()
2016-10-11 15:06:33 -07:00
smpboot.h
softirq.c
softirq: Display IRQ_POLL for irq-poll statistics
2016-10-21 15:45:47 -06:00
stacktrace.c
stacktrace, lockdep: Fix address, newline ugliness
2017-02-14 15:25:42 -08:00
stop_machine.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2016-10-03 13:39:00 -07:00
sys_ni.c
x86/pkeys: Fix pkeys build breakage for some non-x86 arches
2016-09-13 14:41:36 +02:00
sys.c
prctl: make PR_SET_THP_DISABLE wait for mmap_sem killable
2016-05-23 17:04:14 -07:00
sysctl_binary.c
kernel/sysctl_binary.c: use generic UUID library
2016-05-20 17:58:30 -07:00
sysctl.c
sysctl: fix proc_doulongvec_ms_jiffies_minmax()
2017-02-01 08:33:05 +01:00
task_work.c
task_work: use READ_ONCE/lockless_dereference, avoid pi_lock if !task_works
2016-08-02 19:35:02 -04:00
taskstats.c
taskstats: fix the length of cgroupstats_cmd_get_policy
2016-11-03 16:55:58 -04:00
test_kprobes.c
torture.c
torture: Convert torture_shutdown() to hrtimer
2016-08-22 10:01:49 -07:00
tracepoint.c
kernel/...: convert pr_warning to pr_warn
2016-03-22 15:36:02 -07:00
tsacct.c
ucount.c
ucount: Remove the atomicity from ucount->count
2017-03-18 19:14:29 +08:00
uid16.c
cred: simpler, 1D supplementary groups
2016-10-07 18:46:30 -07:00
up.c
smp: Add function to execute a function synchronously on a CPU
2016-09-05 13:52:39 +02:00
user_namespace.c
Merge branch 'nsfs-ioctls' into HEAD
2016-09-22 20:00:36 -05:00
user-return-notifier.c
user.c
utsname_sysctl.c
utsname.c
Merge branch 'nsfs-ioctls' into HEAD
2016-09-22 20:00:36 -05:00
watchdog.c
kernel/watchdog: use nmi registers snapshot in hardlockup handler
2017-01-06 10:40:16 +01:00
workqueue_internal.h
workqueue.c
kthread: rename probe_kthread_data() to kthread_probe_data()
2016-10-11 15:06:33 -07:00