| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f04bfa9a-fce1-8e16-f7b7-56bcaecac6a9@meta.com>
Date: Wed, 4 Jan 2023 08:55:26 -0800
From: Yonghong Song <yhs@...a.com>
To: Hao Sun <sunhao.th@...il.com>, bpf@...r.kernel.org
Cc: ast@...nel.org, daniel@...earbox.net, john.fastabend@...il.com,
andrii@...nel.org, martin.lau@...ux.dev, song@...nel.org,
yhs@...com, kpsingh@...nel.org, sdf@...gle.com, haoluo@...gle.com,
jolsa@...nel.org, davem@...emloft.net, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] bpf: skip invalid kfunc call in backtrack_insn
On 1/3/23 5:47 PM, Hao Sun wrote:
> The verifier skips invalid kfunc call in check_kfunc_call(), which
> would be captured in fixup_kfunc_call() if such insn is not
> eliminated by dead code elimination. However, this can lead to the
> following warning in backtrack_insn(), alse see [1]:
>
> ------------[ cut here ]------------
> verifier backtracking bug
> WARNING: CPU: 6 PID: 8646 at kernel/bpf/verifier.c:2756 backtrack_insn
> kernel/bpf/verifier.c:2756
> __mark_chain_precision kernel/bpf/verifier.c:3065
> mark_chain_precision kernel/bpf/verifier.c:3165
> adjust_reg_min_max_vals kernel/bpf/verifier.c:10715
> check_alu_op kernel/bpf/verifier.c:10928
> do_check kernel/bpf/verifier.c:13821 [inline]
> do_check_common kernel/bpf/verifier.c:16289
> ...
>
> So make backtracking conservative with this by returning ENOTSUPP.
>
> [1] https://lore.kernel.org/bpf/CACkBjsaXNceR8ZjkLG=dT3P=4A8SBsg0Z5h5PWLryF5=ghKq=g@mail.gmail.com/
>
> Signed-off-by: Hao Sun <sunhao.th@...il.com>
Acked-by: Yonghong Song <yhs@...com>
Powered by blists - more mailing lists