| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 2 Nov 2019 13:08:52 -0700
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org, ast@...nel.org,
andrii.nakryiko@...il.com, john.fastabend@...il.com
Subject: Re: [PATCH bpf-next v3 0/8] Fix BPF probe memory helpers
On Sat, Nov 02, 2019 at 12:17:55AM +0100, Daniel Borkmann wrote:
> This set adds probe_read_{user,kernel}(), probe_read_str_{user,kernel}()
> helpers, fixes probe_write_user() helper and selftests. For details please
> see individual patches.
>
> Thanks!
>
> v2 -> v3:
> - noticed two more things that are fixed in here:
> - bpf uapi helper description used 'int size' for *_str helpers, now u32
> - we need TASK_SIZE_MAX + guard page on x86-64 in patch 2 otherwise
> we'll trigger the 00c42373d397 warn as well, so full range covered now
Applied and I wish I could say: "queued up for -stable".
The warning added by
commit 00c42373d397 ("x86-64: add warning for non-canonical user access address dereferences")
dumps the stack trace that looks like kernel panic. It was reported numerous
times by scared users and crash detection tools. Until now bpf tracing
programs couldn't be fixed to avoid that warning. This patch set is a big step
forward solving user vs kernel access issue. User space tool 'bpftrace'
provisioned language feature 'kaddr' and 'uaddr' in anticipation of the
bpf_probe_read_user() helper.
Thank you Daniel for implementing this fix.
Powered by blists - more mailing lists