lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <cover.1652982525.git.esyr@redhat.com>
Date:   Thu, 19 May 2022 20:13:55 +0200
From:   Eugene Syromiatnikov <esyr@...hat.com>
To:     Jiri Olsa <jolsa@...nel.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Ingo Molnar <mingo@...hat.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>
Cc:     Andrii Nakryiko <andrii@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>, netdev@...r.kernel.org,
        bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
        Shuah Khan <shuah@...nel.org>, linux-kselftest@...r.kernel.org
Subject: [PATCH bpf v4 0/3] Fix kprobe_multi interface issues for 5.18

Hello.

While [1] seems to require additional work[2] due to changes
in the interface (and it has already been re-targeted for bpf-next),
I would like to ask to consider the following three patches, that fix
possible out-of-bounds write, properly disable the interface
for 32-bit compat user space, and prepare the libbpf interface change,
for the 5.18 release.  Thank you.

[1] https://lore.kernel.org/lkml/cover.1652772731.git.esyr@redhat.com/
[2] https://lore.kernel.org/lkml/YoTXiAk1EpZ0rLKE@krava/i

v4:
 - Added additional size checks for INT_MAX, as suggested by Yonghong
   Song
 - Added the third patch for the user space kprobe_multi.addrs type
   change, split from the 4th bpf-next patch, as suggested by Yonghong
   Song and Andrii Nakryiko

v3: https://lore.kernel.org/lkml/cover.1652876187.git.esyr@redhat.com/
 - Split out patches for 5.18
 - Removed superfluous size assignments after overflow_mul_check,
   as suggested by Yonghong Song

v2: https://lore.kernel.org/lkml/20220516230441.GA22091@asgard.redhat.com/
 - Fixed the isses reported by CI

v1: https://lore.kernel.org/lkml/20220516182657.GA28596@asgard.redhat.com/

Eugene Syromiatnikov (3):
  bpf_trace: check size for overflow in bpf_kprobe_multi_link_attach
  bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat
  libbpf, selftests/bpf: pass array of u64 values in kprobe_multi.addrs

 kernel/trace/bpf_trace.c                                  | 15 +++++++++------
 tools/lib/bpf/bpf.h                                       |  2 +-
 tools/lib/bpf/libbpf.c                                    |  8 ++++----
 tools/lib/bpf/libbpf.h                                    |  2 +-
 tools/testing/selftests/bpf/prog_tests/bpf_cookie.c       |  2 +-
 .../testing/selftests/bpf/prog_tests/kprobe_multi_test.c  |  8 ++++----
 6 files changed, 20 insertions(+), 17 deletions(-)

-- 
2.1.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ