lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c26c0f63-0ae3-a2d9-6c9c-05705152ae28@fb.com>
Date:   Fri, 29 Oct 2021 12:00:33 -0700
From:   Yonghong Song <yhs@...com>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>,
        <davem@...emloft.net>
CC:     <daniel@...earbox.net>, <andrii@...nel.org>,
        <netdev@...r.kernel.org>, <bpf@...r.kernel.org>,
        <kernel-team@...com>
Subject: Re: [PATCH bpf-next] selftests/bpf: Add a testcase for 64-bit bounds
 propagation issue.



On 10/29/21 10:22 AM, Alexei Starovoitov wrote:
> From: Alexei Starovoitov <ast@...nel.org>
> 
> ./test_progs-no_alu32 -vv -t twfw
> 
> Before the fix:

It is not clear which "fix" it is. I believe the fix is this one:
 
https://lore.kernel.org/bpf/20211029163102.80290-1-alexei.starovoitov@gmail.com/
Put this patch and the "fix" patch in the series will make it
clear which kernel patch fixed the issue.

> 19: (25) if r1 > 0x3f goto pc+6
>   R1_w=inv(id=0,umax_value=63,var_off=(0x0; 0xff),s32_max_value=255,u32_max_value=255)
> 
> and eventually:
> 
> invalid access to map value, value_size=8 off=7 size=8
> R6 max value is outside of the allowed memory range
> libbpf: failed to load object 'no_alu32/twfw.o'
> 
> After the fix:
> 19: (25) if r1 > 0x3f goto pc+6
>   R1_w=inv(id=0,umax_value=63,var_off=(0x0; 0x3f))
> 
> verif_twfw:OK
> 
> Signed-off-by: Alexei Starovoitov <ast@...nel.org>

Acked-by: Yonghong Song <yhs@...com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ