| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Jan 2023 21:48:23 -0800
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: David Vernet <void@...ifault.com>
Cc: bpf@...r.kernel.org, ast@...nel.org, daniel@...earbox.net,
andrii@...nel.org, martin.lau@...ux.dev, song@...nel.org,
yhs@...a.com, john.fastabend@...il.com, kpsingh@...nel.org,
sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org,
linux-kernel@...r.kernel.org, kernel-team@...a.com, tj@...nel.org
Subject: Re: [PATCH bpf-next 4/8] bpf: Enable cpumasks to be queried and used
as kptrs
On Thu, Jan 19, 2023 at 05:58:29PM -0600, David Vernet wrote:
> silently check for and ignore these cases at runtime. When we have e.g.
> per-argument kfunc flags, it might be helpful to add another KF_CPU-type
> flag that specifies that the verifier should validate that it's a valid
> CPU.
...
> +void bpf_cpumask_set_cpu(u32 cpu, struct bpf_cpumask *cpumask)
> +{
> + if (!cpu_valid(cpu))
> + return;
> +
> + cpumask_set_cpu(cpu, (struct cpumask *)cpumask);
> +}
...
> +void bpf_cpumask_clear_cpu(u32 cpu, struct bpf_cpumask *cpumask)
> +{
> + if (!cpu_valid(cpu))
> + return;
I don't think we'll be able to get rid of this with KF_CPU or special suffix.
The argument might be a variable and not a constant at the verification time.
We would have to allow passing unknown vars otherwise the UX will be too restrictive,
so this run-time check would have to stay.
Powered by blists - more mailing lists