| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Aug 2022 10:58:10 +0100
From: Jean-Philippe Brucker <jean-philippe@...aro.org>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org,
John Fastabend <john.fastabend@...il.com>,
Alexei Starovoitov <ast@...nel.org>,
Ovidiu Panait <ovidiu.panait@...driver.com>
Subject: Re: [PATCH 4.19 026/287] selftests/bpf: Fix "dubious pointer
arithmetic" test
Hi,
On Tue, Aug 23, 2022 at 10:23:15AM +0200, Greg Kroah-Hartman wrote:
> From: Ovidiu Panait <ovidiu.panait@...driver.com>
>
> From: Jean-Philippe Brucker <jean-philippe@...aro.org>
>
> commit 3615bdf6d9b19db12b1589861609b4f1c6a8d303 upstream.
This shouldn't be backported to 4.19, because it adjusts the selftest due
to commit b02709587ea3 ("bpf: Fix propagation of 32-bit signed bounds from
64-bit bounds."), which wasn't backported further than 5.9.
See [1] for the report about these BPF backports to v5.4, which we are
still trying to unravel. Given how painful building the BPF tests used to
be even on 5.4, I'd rather not do the same on 4.19!
[1] https://lore.kernel.org/lkml/CAPXMrf-C5XEUfOJd3GCtgtHOkc8DxDGbLxE5=GFmr+Py0zKxJA@mail.gmail.com/
Thanks,
Jean
>
> The verifier trace changed following a bugfix. After checking the 64-bit
> sign, only the upper bit mask is known, not bit 31. Update the test
> accordingly.
>
> Signed-off-by: Jean-Philippe Brucker <jean-philippe@...aro.org>
> Acked-by: John Fastabend <john.fastabend@...il.com>
> Signed-off-by: Alexei Starovoitov <ast@...nel.org>
> [OP: adjust for 4.19 selftests]
> Signed-off-by: Ovidiu Panait <ovidiu.panait@...driver.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> ---
> tools/testing/selftests/bpf/test_align.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> --- a/tools/testing/selftests/bpf/test_align.c
> +++ b/tools/testing/selftests/bpf/test_align.c
> @@ -475,10 +475,10 @@ static struct bpf_align_test tests[] = {
> */
> {7, "R5=inv(id=0,smin_value=-9223372036854775806,smax_value=9223372036854775806,umin_value=2,umax_value=18446744073709551614,var_off=(0x2; 0xfffffffffffffffc)"},
> /* Checked s>=0 */
> - {9, "R5=inv(id=0,umin_value=2,umax_value=9223372034707292158,var_off=(0x2; 0x7fffffff7ffffffc)"},
> + {9, "R5=inv(id=0,umin_value=2,umax_value=9223372036854775806,var_off=(0x2; 0x7ffffffffffffffc)"},
> /* packet pointer + nonnegative (4n+2) */
> - {11, "R6_w=pkt(id=1,off=0,r=0,umin_value=2,umax_value=9223372034707292158,var_off=(0x2; 0x7fffffff7ffffffc)"},
> - {13, "R4=pkt(id=1,off=4,r=0,umin_value=2,umax_value=9223372034707292158,var_off=(0x2; 0x7fffffff7ffffffc)"},
> + {11, "R6_w=pkt(id=1,off=0,r=0,umin_value=2,umax_value=9223372036854775806,var_off=(0x2; 0x7ffffffffffffffc)"},
> + {13, "R4=pkt(id=1,off=4,r=0,umin_value=2,umax_value=9223372036854775806,var_off=(0x2; 0x7ffffffffffffffc)"},
> /* NET_IP_ALIGN + (4n+2) == (4n), alignment is fine.
> * We checked the bounds, but it might have been able
> * to overflow if the packet pointer started in the
> @@ -486,7 +486,7 @@ static struct bpf_align_test tests[] = {
> * So we did not get a 'range' on R6, and the access
> * attempt will fail.
> */
> - {15, "R6=pkt(id=1,off=0,r=0,umin_value=2,umax_value=9223372034707292158,var_off=(0x2; 0x7fffffff7ffffffc)"},
> + {15, "R6=pkt(id=1,off=0,r=0,umin_value=2,umax_value=9223372036854775806,var_off=(0x2; 0x7ffffffffffffffc)"},
> }
> },
> {
>
>
Powered by blists - more mailing lists