lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20171227030549.nypwundjo3szf6px@ast-mbp>
Date:   Tue, 26 Dec 2017 19:05:51 -0800
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     kernel test robot <xiaolong.ye@...el.com>
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>, lkp@...org
Subject: Re: [lkp-robot] [bpf]  82abbf8d2f:
 kernel_selftests.bpf.test_align.fail

On Wed, Dec 27, 2017 at 11:00:30AM +0800, kernel test robot wrote:
> 
> FYI, we noticed the following commit (built with gcc-7):
> 
> commit: 82abbf8d2fc46d79611ab58daa7c608df14bb3ee ("bpf: do not allow root to mangle valid pointers")
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
> 
> in testcase: kernel_selftests
> with following parameters:
> 
> 
> test-description: The kernel contains a set of "self tests" under the tools/testing/selftests/ directory. These are intended to be small unit tests to exercise individual code paths in the kernel.
> test-url: https://www.kernel.org/doc/Documentation/kselftest.txt
> 
> 
> on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 4G
> 
> caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
> 
> 
> 
> 
> selftests: test_align
> ========================================
> Test   0: mov ... PASS
> Test   1: shift ... PASS
> Test   2: addsub ... PASS
> Test   3: mul ... PASS
> Test   4: unknown shift ... PASS
> Test   5: unknown mul ... PASS
> Test   6: packet const offset ... PASS
> Test   7: packet variable offset ... PASS
> Test   8: packet variable offset 2 ... PASS
> Test   9: dubious pointer arithmetic ... Failed to find line 5 for match: R5=inv(id=0,umax_value=64,var_off=(0x0; 0x40))
> 0: R1=ctx(id=0,off=0,imm=0) R10=fp0
> 0: (61) r2 = *(u32 *)(r1 +76)
> 1: R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R10=fp0
> 1: (61) r3 = *(u32 *)(r1 +80)
> 2: R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R3=pkt_end(id=0,off=0,imm=0) R10=fp0
> 2: (b7) r0 = 0
> 3: R0=inv0 R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R3=pkt_end(id=0,off=0,imm=0) R10=fp0
> 3: (bf) r5 = r2
> 4: R0=inv0 R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R3=pkt_end(id=0,off=0,imm=0) R5=pkt(id=0,off=0,r=0,imm=0) R10=fp0
> 4: (57) r5 &= 64
> R5 bitwise operator &= on pointer prohibited
> FAIL

thanks for reporting. The verifier output has changed. Will send a fix shortly.
I wish 0-bot was running selftests/bpf on net/net-next and bpf/bpf-next trees
It would have caught this issue sooner.

Powered by blists - more mailing lists