lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 15 Jun 2021 23:39:27 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     davem@...emloft.net
Cc:     kuba@...nel.org, daniel@...earbox.net, ast@...nel.org,
        andrii@...nel.org, netdev@...r.kernel.org, bpf@...r.kernel.org
Subject: pull-request: bpf 2021-06-15

Hi David, hi Jakub,

The following pull-request contains BPF updates for your *net* tree.

We've added 5 non-merge commits during the last 11 day(s) which contain
a total of 10 files changed, 115 insertions(+), 16 deletions(-).

The main changes are:

1) Fix marking incorrect umem ring as done in libbpf's
   xsk_socket__create_shared() helper, from Kev Jackson.

2) Fix oob leakage under a spectre v1 type confusion
   attack, from Daniel Borkmann.

Please consider pulling these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git

Thanks a lot!

Also thanks to reporters, reviewers and testers of commits in this pull-request:

Adam Morrison, Alexei Starovoitov, Benedict Schlueter, John Fastabend, 
Ofek Kirzner, Piotr Krysiuk, Yonghong Song

----------------------------------------------------------------

The following changes since commit 1a8024239dacf53fcf39c0f07fbf2712af22864f:

  virtio-net: fix for skb_over_panic inside big mode (2021-06-03 15:29:04 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git 

for you to fetch changes up to 973377ffe8148180b2651825b92ae91988141b05:

  bpf, selftests: Adjust few selftest outcomes wrt unreachable code (2021-06-14 23:06:38 +0200)

----------------------------------------------------------------
Daniel Borkmann (4):
      bpf: Inherit expanded/patched seen count from old aux data
      bpf: Do not mark insn as seen under speculative path verification
      bpf: Fix leakage under speculation on mispredicted branches
      bpf, selftests: Adjust few selftest outcomes wrt unreachable code

Kev Jackson (1):
      libbpf: Fixes incorrect rx_ring_setup_done

 kernel/bpf/verifier.c                              | 68 +++++++++++++++++++---
 tools/lib/bpf/xsk.c                                |  2 +-
 tools/testing/selftests/bpf/test_verifier.c        |  2 +-
 tools/testing/selftests/bpf/verifier/and.c         |  2 +
 tools/testing/selftests/bpf/verifier/bounds.c      | 14 +++++
 tools/testing/selftests/bpf/verifier/dead_code.c   |  2 +
 tools/testing/selftests/bpf/verifier/jmp32.c       | 22 +++++++
 tools/testing/selftests/bpf/verifier/jset.c        | 10 ++--
 tools/testing/selftests/bpf/verifier/unpriv.c      |  2 +
 .../selftests/bpf/verifier/value_ptr_arith.c       |  7 ++-
 10 files changed, 115 insertions(+), 16 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ