lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 Feb 2017 22:19:22 -0800 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: William Tu <u9012063@...il.com> Cc: Daniel Borkmann <daniel@...earbox.net>, Linux Kernel Network Developers <netdev@...r.kernel.org> Subject: Re: [PATCH net-next] bpf: fix verifier issue at check_packet_ptr_add On Thu, Feb 02, 2017 at 09:31:06PM -0800, William Tu wrote: > > Yes, this is auto-generated. We want to use P4 2016 as front end to > generate ebpf for XDP. P4 2016 front-end ? is it public? Is there a 2017 version? ;) just curious. > > > > The line 272 is r4 += r2 > > where R4=imm4 and R2=pkt_end > > R2 is no longer pkt_end, it's R2 == R0 == 0 > 269: (bf) r2 = r0 > 270: (77) r2 >>= 3 > 271: (bf) r4 = r1 > 272: (0f) r4 += r2 > > So at line 272, it's pkt_ptr = pkt_ptr + 0 > thus the following fix works for us. > - if (imm <= 0) { > + if (imm < 0) { got it. I forgot that we have: if (src_reg->type == CONST_IMM) { /* pkt_ptr += reg where reg is known constant */ imm = src_reg->imm; goto add_imm; } and got confused by if (BPF_SRC(insn->code) == BPF_K) bit. Thanks for explaining! Could you respin with the extra test for it in the test_verifier.c ? Since it's a rare case, would be good to keep it working.
Powered by blists - more mailing lists