lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 May 2019 23:43:45 +0200 From: Daniel Borkmann <daniel@...earbox.net> To: Wang YanQing <udknight@...il.com>, ast@...nel.org, davem@...emloft.net, kuznet@....inr.ac.ru, tglx@...utronix.de, netdev@...r.kernel.org, bpf@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG On 04/28/2019 04:33 AM, Wang YanQing wrote: > The current implementation has two errors: > 1: The second xor instruction will clear carry flag which > is necessary for following sbb instruction. > 2: The select coding for sbb instruction is wrong, the coding > is "sbb dreg_hi,ecx", but what we need is "sbb ecx,dreg_hi". > > This patch rewrites the implementation and fixes the errors. > > This patch fixes below errors reported by bpf/test_verifier in x32 > platform when the jit is enabled: > " > 0: (b4) w1 = 4 > 1: (b4) w2 = 4 > 2: (1f) r2 -= r1 > 3: (4f) r2 |= r1 > 4: (87) r2 = -r2 > 5: (c7) r2 s>>= 63 > 6: (5f) r1 &= r2 > 7: (bf) r0 = r1 > 8: (95) exit > processed 9 insns (limit 131072), stack depth 0 > 0: (b4) w1 = 4 > 1: (b4) w2 = 4 > 2: (1f) r2 -= r1 > 3: (4f) r2 |= r1 > 4: (87) r2 = -r2 > 5: (c7) r2 s>>= 63 > 6: (5f) r1 &= r2 > 7: (bf) r0 = r1 > 8: (95) exit > processed 9 insns (limit 131072), stack depth 0 > ...... > Summary: 1189 PASSED, 125 SKIPPED, 15 FAILED > " > > Signed-off-by: Wang YanQing <udknight@...il.com> Applied, thanks!
Powered by blists - more mailing lists