lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <20210503224731.6963-1-daniel@iogearbox.net>
Date:   Tue,  4 May 2021 00:47:31 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     davem@...emloft.net
Cc:     kuba@...nel.org, daniel@...earbox.net, ast@...nel.org,
        andrii.nakryiko@...il.com, netdev@...r.kernel.org,
        bpf@...r.kernel.org
Subject: pull-request: bpf 2021-05-04

Hi David, hi Jakub,

The following pull-request contains BPF updates for your *net* tree.

We've added 5 non-merge commits during the last 4 day(s) which contain
a total of 6 files changed, 52 insertions(+), 30 deletions(-).

The main changes are:

1) Fix libbpf overflow when processing BPF ring buffer in case of extreme
   application behavior, from Brendan Jackman.

2) Fix potential data leakage of uninitialized BPF stack under speculative
   execution, from Daniel Borkmann.

3) Fix off-by-one when validating xsk pool chunks, from Xuan Zhuo.

4) Fix snprintf BPF selftest with a pid filter to avoid racing its output
   test buffer, from Florent Revest.

Please consider pulling these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git

Thanks a lot!

Also thanks to reporters, reviewers and testers of commits in this pull-request:

Alexei Starovoitov, Andrii Nakryiko, John Fastabend, Magnus Karlsson, 
Piotr Krysiuk

----------------------------------------------------------------

The following changes since commit d4eecfb28b963493a8701f271789ff04e92ae205:

  net: dsa: ksz: ksz8863_smi_probe: set proper return value for ksz_switch_alloc() (2021-04-29 15:54:35 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git 

for you to fetch changes up to ac31565c21937eee9117e43c9cd34f557f6f1cb8:

  xsk: Fix for xp_aligned_validate_desc() when len == chunk_size (2021-05-04 00:28:06 +0200)

----------------------------------------------------------------
Brendan Jackman (1):
      libbpf: Fix signed overflow in ringbuf_process_ring

Daniel Borkmann (2):
      bpf: Fix masking negation logic upon negative dst register
      bpf: Fix leakage of uninitialized bpf stack under speculation

Florent Revest (1):
      selftests/bpf: Fix the snprintf test

Xuan Zhuo (1):
      xsk: Fix for xp_aligned_validate_desc() when len == chunk_size

 include/linux/bpf_verifier.h                      |  5 ++--
 kernel/bpf/verifier.c                             | 33 ++++++++++++-----------
 net/xdp/xsk_queue.h                               |  7 +++--
 tools/lib/bpf/ringbuf.c                           | 30 ++++++++++++++-------
 tools/testing/selftests/bpf/prog_tests/snprintf.c |  2 ++
 tools/testing/selftests/bpf/progs/test_snprintf.c |  5 ++++
 6 files changed, 52 insertions(+), 30 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ