lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171227030549.nypwundjo3szf6px@ast-mbp> Date: Tue, 26 Dec 2017 19:05:51 -0800 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: kernel test robot <xiaolong.ye@...el.com> Cc: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, LKML <linux-kernel@...r.kernel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, lkp@...org Subject: Re: [lkp-robot] [bpf] 82abbf8d2f: kernel_selftests.bpf.test_align.fail On Wed, Dec 27, 2017 at 11:00:30AM +0800, kernel test robot wrote: > > FYI, we noticed the following commit (built with gcc-7): > > commit: 82abbf8d2fc46d79611ab58daa7c608df14bb3ee ("bpf: do not allow root to mangle valid pointers") > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master > > in testcase: kernel_selftests > with following parameters: > > > test-description: The kernel contains a set of "self tests" under the tools/testing/selftests/ directory. These are intended to be small unit tests to exercise individual code paths in the kernel. > test-url: https://www.kernel.org/doc/Documentation/kselftest.txt > > > on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 4G > > caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace): > > > > > selftests: test_align > ======================================== > Test 0: mov ... PASS > Test 1: shift ... PASS > Test 2: addsub ... PASS > Test 3: mul ... PASS > Test 4: unknown shift ... PASS > Test 5: unknown mul ... PASS > Test 6: packet const offset ... PASS > Test 7: packet variable offset ... PASS > Test 8: packet variable offset 2 ... PASS > Test 9: dubious pointer arithmetic ... Failed to find line 5 for match: R5=inv(id=0,umax_value=64,var_off=(0x0; 0x40)) > 0: R1=ctx(id=0,off=0,imm=0) R10=fp0 > 0: (61) r2 = *(u32 *)(r1 +76) > 1: R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R10=fp0 > 1: (61) r3 = *(u32 *)(r1 +80) > 2: R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R3=pkt_end(id=0,off=0,imm=0) R10=fp0 > 2: (b7) r0 = 0 > 3: R0=inv0 R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R3=pkt_end(id=0,off=0,imm=0) R10=fp0 > 3: (bf) r5 = r2 > 4: R0=inv0 R1=ctx(id=0,off=0,imm=0) R2=pkt(id=0,off=0,r=0,imm=0) R3=pkt_end(id=0,off=0,imm=0) R5=pkt(id=0,off=0,r=0,imm=0) R10=fp0 > 4: (57) r5 &= 64 > R5 bitwise operator &= on pointer prohibited > FAIL thanks for reporting. The verifier output has changed. Will send a fix shortly. I wish 0-bot was running selftests/bpf on net/net-next and bpf/bpf-next trees It would have caught this issue sooner.
Powered by blists - more mailing lists