| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20160929.013608.760373071668971559.davem@davemloft.net>
Date: Thu, 29 Sep 2016 01:36:08 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: jbacik@...com
Cc: daniel@...earbox.net, tgraf@...g.ch, netdev@...r.kernel.org,
kernel-team@...com, u9012063@...il.com
Subject: Re: [PATCH net-next v5] bpf: allow access into map value arrays
From: Josef Bacik <jbacik@...com>
Date: Wed, 28 Sep 2016 10:54:32 -0400
> Suppose you have a map array value that is something like this
>
> struct foo {
> unsigned iter;
> int array[SOME_CONSTANT];
> };
>
> You can easily insert this into an array, but you cannot modify the contents of
> foo->array[] after the fact. This is because we have no way to verify we won't
> go off the end of the array at verification time. This patch provides a start
> for this work. We accomplish this by keeping track of a minimum and maximum
> value a register could be while we're checking the code. Then at the time we
> try to do an access into a MAP_VALUE we verify that the maximum offset into that
> region is a valid access into that memory region. So in practice, code such as
> this
>
> unsigned index = 0;
>
> if (foo->iter >= SOME_CONSTANT)
> foo->iter = index;
> else
> index = foo->iter++;
> foo->array[index] = bar;
>
> would be allowed, as we can verify that index will always be between 0 and
> SOME_CONSTANT-1. If you wish to use signed values you'll have to have an extra
> check to make sure the index isn't less than 0, or do something like index %=
> SOME_CONSTANT.
>
> Signed-off-by: Josef Bacik <jbacik@...com>
> Acked-by: Alexei Starovoitov <ast@...nel.org>
Applied, thanks.
Powered by blists - more mailing lists