lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20170511.104904.2085723000669887052.davem@davemloft.net>
Date:   Thu, 11 May 2017 10:49:04 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     daniel@...earbox.net
Cc:     ast@...com, alexei.starovoitov@...il.com, netdev@...r.kernel.org
Subject: Re: [PATCH 1/5] bpf: Track alignment of register values in the
 verifier.

From: Daniel Borkmann <daniel@...earbox.net>
Date: Thu, 11 May 2017 14:41:16 +0200

> On 05/10/2017 09:09 PM, David Miller wrote:
>>
>> Currently if we add only constant values to pointers we can fully
>> validate the alignment, and properly check if we need to reject the
>> program on CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS architectures.
> 
> Should say: !CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS

Ok.

>>
>> The existing code will reject the load of th->dport because it cannot
> 
> s/th->dport/th->dest/

Right :)

> In adjust_reg_min_max_vals(), don't we also need to call
> reset_reg_align() in the 'default' case for the cases where
> we use have ALU ops that we don't bother tracking (mod, div,
> endianess ops, etc)?
> 
> Likewise, for other cases where we do reset_reg_range_values()
> which is BPF_LD as class and for the BPF_MOV in check_alu_op(),
> which I think, is only relevant when we move reg A to reg B
> in 32 bit mode. Perhaps it makes sense to consolidate the reset
> on alignment with the reset of min/max values, or do we have
> cases where this is undesirable (not that I'm currently aware
> of ...)?

I can't think of any situation where these two actions don't have
to both be performned, so I've moved the alignment clear into
reset_reg_range_values() and removed reset_reg_align() altogether.

> But other than that:
> 
> Acked-by: Daniel Borkmann <daniel@...earbox.net>

Thanks for reviewing.

Powered by blists - more mailing lists