| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Feb 2020 11:02:12 +0900
From: Yoshiki Komachi <komachi.yoshiki@...il.com>
To: "David S. Miller" <davem@...emloft.net>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Andrii Nakryiko <andriin@...com>
Cc: Yoshiki Komachi <komachi.yoshiki@...il.com>,
netdev@...r.kernel.org, bpf@...r.kernel.org
Subject: [PATCH bpf] bpf: btf: Fix BTF verification of the enum size in struct/union
btf_enum_check_member() checked if the size of "enum" as a struct
member exceeded struct_size or not. Then, the function definitely
compared it with the size of "int" now. Therefore, errors could occur
when the size of the "enum" type was changed.
Although the size of "enum" is 4-byte by default, users can change it
as needed (e.g., the size of the following test variable is not 4-byte
but 1-byte). It can be used as a struct member as below:
enum test : char {
X,
Y,
Z,
};
struct {
char a;
enum test b;
char c;
} tmp;
With the setup above, when I tried to load BTF, the error was given
as below:
------------------------------------------------------------------
[58] STRUCT (anon) size=3 vlen=3
a type_id=55 bits_offset=0
b type_id=59 bits_offset=8
c type_id=55 bits_offset=16
[59] ENUM test size=1 vlen=3
X val=0
Y val=1
Z val=2
[58] STRUCT (anon) size=3 vlen=3
b type_id=59 bits_offset=8 Member exceeds struct_size
libbpf: Error loading .BTF into kernel: -22.
------------------------------------------------------------------
The related issue was previously fixed by the commit 9eea98497951 ("bpf:
fix BTF verification of enums"). On the other hand, this patch fixes
my explained issue by using the correct size of "enum" declared in
BPF programs.
Fixes: 179cde8cef7e ("bpf: btf: Check members of struct/union")
Signed-off-by: Yoshiki Komachi <komachi.yoshiki@...il.com>
---
kernel/bpf/btf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 7871400..32ab922 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -2418,7 +2418,7 @@ static int btf_enum_check_member(struct btf_verifier_env *env,
struct_size = struct_type->size;
bytes_offset = BITS_ROUNDDOWN_BYTES(struct_bits_off);
- if (struct_size - bytes_offset < sizeof(int)) {
+ if (struct_size - bytes_offset < member_type->size) {
btf_verifier_log_member(env, struct_type, member,
"Member exceeds struct_size");
return -EINVAL;
--
1.8.3.1
Powered by blists - more mailing lists