[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 01 Jan 2019 13:20:36 -0800 (PST)
From: David Miller <davem@...emloft.net>
To: daniel@...earbox.net
Cc: ast@...nel.org, jannh@...gle.com, netdev@...r.kernel.org
Subject: Re: [PATCH bpf 5/9] bpf: restrict stack pointer arithmetic for
unpriviledged
From: Daniel Borkmann <daniel@...earbox.net>
Date: Tue, 1 Jan 2019 21:49:21 +0100
> Restrict stack pointer arithmetic for unpriviledged users in that
> arithmetic itself must not go out of bounds as opposed to the actual
> access later on. Therefore after each adjust_ptr_min_max_vals() with
> a stack pointer as a destination we simulate a check_stack_access()
> of 1 byte on the destination and once that fails the program is
> rejected for unpriviledged program loads. This is analoge to map
^^^^^^^
Should be "analog".
Powered by blists - more mailing lists