lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 7 Feb 2022 11:14:42 -0800
From:   Yonghong Song <>
To:     Jakub Sitnicki <>, <>
CC:     <>, Alexei Starovoitov <>,
        Daniel Borkmann <>,
        Andrii Nakryiko <>,
Subject: Re: [PATCH bpf-next 1/2] bpf: Make remote_port field in struct
 bpf_sk_lookup 16-bit wide

On 2/7/22 5:14 AM, Jakub Sitnicki wrote:
> remote_port is another case of a BPF context field documented as a 32-bit
> value in network byte order for which the BPF context access converter
> generates a load of a zero-padded 16-bit integer in network byte order.
> First such case was dst_port in bpf_sock which got addressed in commit
> 4421a582718a ("bpf: Make dst_port field in struct bpf_sock 16-bit wide").
> Loading 4-bytes from the remote_port offset and converting the value with
> bpf_ntohl() leads to surprising results, as the expected value is shifted
> by 16 bits.
> Reduce the confusion by splitting the field in two - a 16-bit field holding
> a big-endian integer, and a 16-bit zero-padding anonymous field that
> follows it.
> Suggested-by: Alexei Starovoitov <>
> Signed-off-by: Jakub Sitnicki <>

Acked-by: Yonghong Song <>

Powered by blists - more mailing lists