lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170312.235151.1369356708706057105.davem@davemloft.net> Date: Sun, 12 Mar 2017 23:51:51 -0700 (PDT) From: David Miller <davem@...emloft.net> To: daniel@...earbox.net Cc: netdev@...r.kernel.org, ast@...nel.org Subject: Re: [PATCH net] bpf: improve read-only handling From: Daniel Borkmann <daniel@...earbox.net> Date: Sat, 11 Mar 2017 16:55:49 +0100 > Improve bpf_{prog,jit_binary}_{un,}lock_ro() by throwing a > one-time warning in case of an error when the image couldn't > be set read-only, and also mark struct bpf_prog as locked when > bpf_prog_lock_ro() was called. > > Reason for the latter is that bpf_prog_unlock_ro() is called from > various places including error paths, and we shouldn't mess with > page attributes when really not needed. > > For bpf_jit_binary_unlock_ro() this is not needed as jited flag > implicitly indicates this, thus for archs with ARCH_HAS_SET_MEMORY > we're guaranteed to have a previously locked image. Overall, this > should also help us to identify any further potential issues with > set_memory_*() helpers. > > Signed-off-by: Daniel Borkmann <daniel@...earbox.net> > Acked-by: Alexei Starovoitov <ast@...nel.org> > --- > ( My preference is on -net, so we can potentially find and fix > any remaining unexpected issue with set_memory_*(). Thanks! ) Ok, applied to -net, thanks Daniel.
Powered by blists - more mailing lists