lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20170324.205151.2161184203383142347.davem@davemloft.net>
Date:   Fri, 24 Mar 2017 20:51:51 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     ast@...com
Cc:     daniel@...earbox.net, kafai@...com, netdev@...r.kernel.org
Subject: Re: [PATCH net] bpf: improve verifier packet range checks

From: Alexei Starovoitov <ast@...com>
Date: Fri, 24 Mar 2017 15:57:33 -0700

> llvm can optimize the 'if (ptr > data_end)' checks to be in the order
> slightly different than the original C code which will confuse verifier.
> Like:
> if (ptr + 16 > data_end)
>   return TC_ACT_SHOT;
> // may be followed by
> if (ptr + 14 > data_end)
>   return TC_ACT_SHOT;
> while llvm can see that 'ptr' is valid for all 16 bytes,
> the verifier could not.
> Fix verifier logic to account for such case and add a test.
> 
> Reported-by: Huapeng Zhou <hzhou@...com>
> Fixes: 969bf05eb3ce ("bpf: direct packet access")
> Signed-off-by: Alexei Starovoitov <ast@...nel.org>
> Acked-by: Daniel Borkmann <daniel@...earbox.net>
> Acked-by: Martin KaFai Lau <kafai@...com>

Applied and queued up for -stable, thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ