lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1402004376-1814-1-git-send-email-ast@plumgrid.com>
Date:	Thu,  5 Jun 2014 14:39:36 -0700
From:	Alexei Starovoitov <ast@...mgrid.com>
To:	"David S. Miller" <davem@...emloft.net>
Cc:	Daniel Borkmann <dborkman@...hat.com>, netdev@...r.kernel.org
Subject: [PATCH net] net: filter: fix SKF_AD_PKTTYPE extension on big-endian

BPF classic->internal converter broke SKF_AD_PKTTYPE extension, since
pkt_type_offset() was failing to find skb->pkt_type field which is defined as:
__u8 pkt_type:3,
     fclone:2,
     ipvs_property:1,
     peeked:1,
     nf_trace:1;

Fix it by searching for 3 most significant bits and shift them by 5 at run-time

Fixes: bd4cf0ed331a ("net: filter: rework/optimize internal BPF interpreter's instruction set")
Signed-off-by: Alexei Starovoitov <ast@...mgrid.com>
Acked-by: Daniel Borkmann <dborkman@...hat.com>
Tested-by: Daniel Borkmann <dborkman@...hat.com>
---

backported BPF testsuite to 'net' and tested with qemu-sparc64.
Daniel tested it on s390.

Dave,
The fix doesn't apply cleanly to 'net-next'.
There 2nd hunk needs to be:
               insn++;
               *insn = BPF_ALU32_IMM(BPF_RSH, BPF_REG_A, 5);
I have 'net-next' patch ready and tested as well. Let me know if I should
send it or you'll take care of it while doing the merge of 'net'.

 net/core/filter.c |   11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/net/core/filter.c b/net/core/filter.c
index 4aec7b9..ab3c74e 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -578,7 +578,11 @@ EXPORT_SYMBOL_GPL(sk_run_filter_int_skb);
  * to make sure its still a 3bit field starting at a byte boundary;
  * taken from arch/x86/net/bpf_jit_comp.c.
  */
+#ifdef __BIG_ENDIAN_BITFIELD
+#define PKT_TYPE_MAX	(7 << 5)
+#else
 #define PKT_TYPE_MAX	7
+#endif
 static unsigned int pkt_type_offset(void)
 {
 	struct sk_buff skb_probe = { .pkt_type = ~0, };
@@ -685,6 +689,13 @@ static bool convert_bpf_extensions(struct sock_filter *fp,
 		insn->code = BPF_ALU | BPF_AND | BPF_K;
 		insn->a_reg = A_REG;
 		insn->imm = PKT_TYPE_MAX;
+#ifdef __BIG_ENDIAN_BITFIELD
+		insn++;
+
+		insn->code = BPF_ALU | BPF_RSH | BPF_K;
+		insn->a_reg = A_REG;
+		insn->imm = 5;
+#endif
 		break;
 
 	case SKF_AD_OFF + SKF_AD_IFINDEX:
-- 
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ