| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150723214702.GA31886@Alexeis-MacBook-Pro.local> Date: Thu, 23 Jul 2015 14:47:03 -0700 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: Alex Gartrell <agartrell@...com> Cc: davem@...emloft.net, ast@...nel.org, daniel@...earbox.net, netdev@...r.kernel.org, kernel-team@...com Subject: Re: [PATCH net-next] ebpf: Allow dereferences of PTR_TO_STACK registers On Thu, Jul 23, 2015 at 02:24:40PM -0700, Alex Gartrell wrote: > mov %rsp, %r1 ; r1 = rsp > add $-8, %r1 ; r1 = rsp - 8 > store_q $123, -8(%rsp) ; *(u64*)r1 = 123 <- valid > store_q $123, (%r1) ; *(u64*)r1 = 123 <- previously invalid > mov $0, %r0 > exit ; Always need to exit > > And we'd get the following error: > > 0: (bf) r1 = r10 > 1: (07) r1 += -8 > 2: (7a) *(u64 *)(r10 -8) = 999 > 3: (7a) *(u64 *)(r1 +0) = 999 > R1 invalid mem access 'fp' > > Unable to load program > > We already know that a register is a stack address and the appropriate > offset, so we should be able to validate those references as well. > > Signed-off-by: Alex Gartrell <agartrell@...com> > --- > kernel/bpf/verifier.c | 6 ++++- > samples/bpf/test_verifier.c | 59 +++++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 64 insertions(+), 1 deletion(-) Looks good. Acked-by: Alexei Starovoitov <ast@...mgrid.com> > + BPF_ST_MEM(BPF_DW, BPF_REG_1, 2, 0xfaceb00c), nice constants :) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists