lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 6 Mar 2020 15:03:30 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Luke Nelson <lukenels@...washington.edu>, bpf@...r.kernel.org
Cc:     Luke Nelson <luke.r.nels@...il.com>, Xi Wang <xi.wang@...il.com>,
        Wang YanQing <udknight@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Alexey Kuznetsov <kuznet@....inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
        Alexei Starovoitov <ast@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        Shuah Khan <shuah@...nel.org>,
        Jiong Wang <jiong.wang@...ronome.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf 1/2] bpf, x32: fix bug with JMP32 JSET BPF_X checking
 upper bits

On 3/6/20 12:44 AM, Luke Nelson wrote:
> The current x32 BPF JIT is incorrect for JMP32 JSET BPF_X when the upper
> 32 bits of operand registers are non-zero in certain situations.
[...]
> We found this bug using our automated verification tool, Serval.
> 
> Fixes: 69f827eb6e14 ("x32: bpf: implement jitting of JMP32")
> Co-developed-by: Xi Wang <xi.wang@...il.com>
> Signed-off-by: Xi Wang <xi.wang@...il.com>
> Signed-off-by: Luke Nelson <luke.r.nels@...il.com>

Applied both, thanks for the fix!

Powered by blists - more mailing lists