| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 May 2020 19:22:08 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: Jesper Dangaard Brouer <brouer@...hat.com>
Cc: netdev@...r.kernel.org, bpf@...r.kernel.org,
Daniel Borkmann <borkmann@...earbox.net>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
"David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH bpf-next] bpf: fix too large copy from user in
bpf_test_init
On 5/18/20 3:05 PM, Jesper Dangaard Brouer wrote:
> Commit bc56c919fce7 ("bpf: Add xdp.frame_sz in bpf_prog_test_run_xdp().")
> recently changed bpf_prog_test_run_xdp() to use larger frames for XDP in
> order to test tail growing frames (via bpf_xdp_adjust_tail) and to have
> memory backing frame better resemble drivers.
>
> The commit contains a bug, as it tries to copy the max data size from
> userspace, instead of the size provided by userspace. This cause XDP
> unit tests to fail sporadically with EFAULT, an unfortunate behavior.
> The fix is to only copy the size specified by userspace.
>
> Fixes: bc56c919fce7 ("bpf: Add xdp.frame_sz in bpf_prog_test_run_xdp().")
> Signed-off-by: Jesper Dangaard Brouer <brouer@...hat.com>
Applied, thanks!
Powered by blists - more mailing lists