| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 11 Oct 2020 01:42:05 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: Alexei Starovoitov <ast@...nel.org>,
john fastabend <john.fastabend@...il.com>,
Yonghong Song <yhs@...com>,
Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>
Subject: Re: [PATCH bpf-next v5 3/6] bpf: allow for map-in-map with dynamic
inner array map entries
On 10/11/20 12:02 AM, Andrii Nakryiko wrote:
> On Sat, Oct 10, 2020 at 1:54 PM Daniel Borkmann <daniel@...earbox.net> wrote:
[...]
>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>> index f3e36eade3d4..d578875df1ad 100644
>> --- a/kernel/bpf/verifier.c
>> +++ b/kernel/bpf/verifier.c
>> @@ -11049,6 +11049,8 @@ static int fixup_bpf_calls(struct bpf_verifier_env *env)
>> if (insn->imm == BPF_FUNC_map_lookup_elem &&
>> ops->map_gen_lookup) {
>> cnt = ops->map_gen_lookup(map_ptr, insn_buf);
>> + if (cnt < 0)
>> + goto patch_map_ops_generic;
>
> but now any reported error will be silently skipped. The logic should be:
>
> if (cnt == -EOPNOTSUPP)
> goto patch_map_ops_generic;
> if (cnt <= 0 || cnt >= ARRAY_SIZE(insn_buf))
> verbose(env, "bpf verifier is misconfigured\n");
>
> This way only -EOPNOTSUPP is silently skipped, all other cases where
> error is returned, cnt == 0, or cnt is too big would be reported as
> error.
Fair enough, I might have misunderstood earlier mail, but agree, that one is more
robust overall. Fixed.
Thanks,
Daniel
Powered by blists - more mailing lists