| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170312.235151.1369356708706057105.davem@davemloft.net>
Date: Sun, 12 Mar 2017 23:51:51 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: daniel@...earbox.net
Cc: netdev@...r.kernel.org, ast@...nel.org
Subject: Re: [PATCH net] bpf: improve read-only handling
From: Daniel Borkmann <daniel@...earbox.net>
Date: Sat, 11 Mar 2017 16:55:49 +0100
> Improve bpf_{prog,jit_binary}_{un,}lock_ro() by throwing a
> one-time warning in case of an error when the image couldn't
> be set read-only, and also mark struct bpf_prog as locked when
> bpf_prog_lock_ro() was called.
>
> Reason for the latter is that bpf_prog_unlock_ro() is called from
> various places including error paths, and we shouldn't mess with
> page attributes when really not needed.
>
> For bpf_jit_binary_unlock_ro() this is not needed as jited flag
> implicitly indicates this, thus for archs with ARCH_HAS_SET_MEMORY
> we're guaranteed to have a previously locked image. Overall, this
> should also help us to identify any further potential issues with
> set_memory_*() helpers.
>
> Signed-off-by: Daniel Borkmann <daniel@...earbox.net>
> Acked-by: Alexei Starovoitov <ast@...nel.org>
> ---
> ( My preference is on -net, so we can potentially find and fix
> any remaining unexpected issue with set_memory_*(). Thanks! )
Ok, applied to -net, thanks Daniel.
Powered by blists - more mailing lists