| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210416223700.15611-1-daniel@iogearbox.net>
Date: Sat, 17 Apr 2021 00:37:00 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: davem@...emloft.net
Cc: kuba@...nel.org, daniel@...earbox.net, ast@...nel.org,
andrii@...nel.org, netdev@...r.kernel.org, bpf@...r.kernel.org
Subject: pull-request: bpf 2021-04-17
Hi David, hi Jakub,
The following pull-request contains BPF updates for your *net* tree.
We've added 10 non-merge commits during the last 9 day(s) which contain
a total of 8 files changed, 175 insertions(+), 111 deletions(-).
The main changes are:
1) Fix a potential NULL pointer dereference in libbpf's xsk
umem handling, from Ciara Loftus.
2) Mitigate a speculative oob read of up to map value size by
tightening the masking window, from Daniel Borkmann.
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git
Thanks a lot!
Also thanks to reporters, reviewers and testers of commits in this pull-request:
Alexei Starovoitov, Benedict Schlueter, John Fastabend, Piotr Krysiuk
----------------------------------------------------------------
The following changes since commit 1ffbc7ea91606e4abd10eb60de5367f1c86daf5e:
net: sched: sch_teql: fix null-pointer dereference (2021-04-08 14:14:42 -0700)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git
for you to fetch changes up to d7a5091351756d0ae8e63134313c455624e36a13:
bpf: Update selftests to reflect new error states (2021-04-16 23:52:15 +0200)
----------------------------------------------------------------
Ciara Loftus (1):
libbpf: Fix potential NULL pointer dereference
Daniel Borkmann (9):
bpf: Use correct permission flag for mixed signed bounds arithmetic
bpf: Move off_reg into sanitize_ptr_alu
bpf: Ensure off_reg has no mixed signed bounds for all types
bpf: Rework ptr_limit into alu_limit and add common error path
bpf: Improve verifier error messages for users
bpf: Refactor and streamline bounds check into helper
bpf: Move sanitize_val_alu out of op switch
bpf: Tighten speculative pointer arithmetic mask
bpf: Update selftests to reflect new error states
kernel/bpf/verifier.c | 230 ++++++++++++++-------
tools/lib/bpf/xsk.c | 5 +-
tools/testing/selftests/bpf/verifier/bounds.c | 5 -
.../selftests/bpf/verifier/bounds_deduction.c | 21 +-
.../bpf/verifier/bounds_mix_sign_unsign.c | 13 --
tools/testing/selftests/bpf/verifier/map_ptr.c | 4 +-
tools/testing/selftests/bpf/verifier/unpriv.c | 2 +-
.../selftests/bpf/verifier/value_ptr_arith.c | 6 +-
8 files changed, 175 insertions(+), 111 deletions(-)
Powered by blists - more mailing lists