lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Jan 2018 02:16:03 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     davem@...emloft.net
Cc:     daniel@...earbox.net, ast@...nel.org, netdev@...r.kernel.org
Subject: pull-request: bpf 2018-01-18

Hi David,

The following pull-request contains BPF updates for your *net* tree.

The main changes are:

1) Fix a divide by zero due to wrong if (src_reg == 0) check in
   64-bit mode. Properly handle this in interpreter and mask it
   also generically in verifier to guard against similar checks
   in JITs, from Eric and Alexei.

2) Fix a bug in arm64 JIT when tail calls are involved and progs
   have different stack sizes, from Daniel.

3) Reject stores into BPF context that are not expected BPF_STX |
   BPF_MEM variant, from Daniel.

4) Mark dst reg as unknown on {s,u}bounds adjustments when the
   src reg has derived bounds from dead branches, from Daniel.

Please consider pulling these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git

Thanks a lot!

----------------------------------------------------------------

The following changes since commit 8155aedf512edd3f88ef19f7cacf476ace7d1322:

  Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf (2018-01-14 11:01:33 -0500)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git 

for you to fetch changes up to 6f16101e6a8b4324c36e58a29d9e0dbb287cdedb:

  bpf: mark dst unknown on inconsistent {s, u}bounds adjustments (2018-01-17 16:23:17 -0800)

----------------------------------------------------------------
Alexei Starovoitov (1):
      bpf: fix 32-bit divide by zero

Daniel Borkmann (3):
      bpf, arm64: fix stack_depth tracking in combination with tail calls
      bpf: reject stores into ctx via st and xadd
      bpf: mark dst unknown on inconsistent {s, u}bounds adjustments

Eric Dumazet (1):
      bpf: fix divides by zero

 arch/arm64/net/bpf_jit_comp.c               |  20 ++--
 kernel/bpf/core.c                           |   4 +-
 kernel/bpf/verifier.c                       |  64 ++++++++++--
 net/core/filter.c                           |   4 +
 tools/testing/selftests/bpf/test_verifier.c | 152 +++++++++++++++++++++++++++-
 5 files changed, 219 insertions(+), 25 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ