lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 24 Jun 2021 21:01:05 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Ravi Bangoria <ravi.bangoria@...ux.ibm.com>
Cc:     Alexei Starovoitov <ast@...nel.org>,
        "David S. Miller" <davem@...emloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        David Ahern <dsahern@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        X86 ML <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>,
        Andrii Nakryiko <andrii@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>,
        Network Development <netdev@...r.kernel.org>,
        bpf <bpf@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>,
        "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>
Subject: Re: [PATCH] x86 bpf: Fix extable offset calculation

On Tue, Jun 22, 2021 at 4:01 AM Ravi Bangoria
<ravi.bangoria@...ux.ibm.com> wrote:
>
> commit 4c5de127598e1 ("bpf: Emit explicit NULL pointer checks
> for PROBE_LDX instructions.") is emitting couple of instructions
> before actual load. Consider those additional instructions while
> calculating extable offset.
>
> Fixes: 4c5de127598e1 ("bpf: Emit explicit NULL pointer checks for PROBE_LDX instructions.")
> Signed-off-by: Ravi Bangoria <ravi.bangoria@...ux.ibm.com>
> ---
>  arch/x86/net/bpf_jit_comp.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
> index 2a2e290fa5d8..231a8178cc11 100644
> --- a/arch/x86/net/bpf_jit_comp.c
> +++ b/arch/x86/net/bpf_jit_comp.c
> @@ -1297,7 +1297,7 @@ st:                       if (is_imm8(insn->off))
>                         emit_ldx(&prog, BPF_SIZE(insn->code), dst_reg, src_reg, insn->off);
>                         if (BPF_MODE(insn->code) == BPF_PROBE_MEM) {
>                                 struct exception_table_entry *ex;
> -                               u8 *_insn = image + proglen;
> +                               u8 *_insn = image + proglen + (u8)(start_of_ldx - temp);

Great debugging and the fix. Thanks a lot.
I've dropped (u8) cast, kept (), and applied to bpf tree.
I think it looks cleaner without that cast.
Could you send a followup patch with a selftest, so I don't make
the same mistake again ? ;)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ