Date:   Fri, 20 May 2022 19:37:24 +0800
From:   Shung-Hsi Yu <shung-hsi.yu@...e.com>
To:     netdev@...r.kernel.org, bpf@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org
CC:     Shung-Hsi Yu <shung-hsi.yu@...e.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>, Shuah Khan <shuah@...nel.org>
Subject: [PATCH bpf-next 0/4] bpf: verifier: remove redundant opcode checks

This patch set aims to remove opcode checks in the BPF verifier that have
become redundant since commit 5e581dad4fec ("bpf: make unknown opcode
handling more robust"), either removing them entirely or turning them into
comments in places where the redundancy may not be clear.

The exceptions here are the opcode checks for BPF_LD_{ABS,IND} and
BPF_JMP_{JA,CALL,EXIT}; they cover opcode validation not done in
bpf_opcode_in_insntable(), so they are not removed.

After applying the patch set, test_verifier passes and does not need further
modification:
  Summary: 1348 PASSED, 635 SKIPPED, 0 FAILED

Also, add comments at places that I find confusing while working on the
removal, namely:

  1. resolve_pseudo_ldimm64() also validates opcode
  2. BPF_SIZE check in check_ld_imm() guards against JMP to the 2nd
     BPF_LD_IMM64 instruction
  3. reason behind why ld_imm64 test cases should be rejected by the
     verifier


Shung-Hsi Yu (4):
  bpf: verifier: update resolve_pseudo_ldimm64() comment
  bpf: verifier: explain opcode check in check_ld_imm()
  bpf: verifier: remove redundant opcode checks
  selftests/bpf: add reason of rejection in ld_imm64

 kernel/bpf/verifier.c                         | 33 ++++++++-----------
 .../testing/selftests/bpf/verifier/ld_imm64.c | 20 ++++++-----
 2 files changed, 25 insertions(+), 28 deletions(-)


base-commit: 68084a13642001b73aade05819584f18945f3297
-- 
2.36.1
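
Item 2 of the cover letter above, as an added example that is not code from the patch set or from the kernel: a simplified model of a jump landing on the second 8-byte slot of a BPF_LD_IMM64 instruction. The second slot carries opcode 0, which decodes as BPF_LD | BPF_IMM with size BPF_W, so a BPF_SIZE check rejects it. check_jump(), struct insn and the sample program are hypothetical; the macro values follow the uapi BPF headers.

```c
#include <stdint.h>
#include <stdio.h>

/* Opcode field layout and values as in the uapi BPF headers. */
#define BPF_CLASS(code) ((code) & 0x07)
#define BPF_SIZE(code)  ((code) & 0x18)
#define BPF_MODE(code)  ((code) & 0xe0)
#define BPF_LD   0x00
#define BPF_JMP  0x05
#define BPF_IMM  0x00
#define BPF_DW   0x18
#define BPF_JA   0x00
#define BPF_EXIT 0x90

/* Simplified instruction: both 4-bit register fields folded into one byte. */
struct insn { uint8_t code; uint8_t regs; int16_t off; int32_t imm; };

/* Hypothetical model. Constructed program: goto +off; ld_imm64; exit.
 * Returns 0 = reached exit, -1 = size check rejected, -2/-3 = out of scope. */
static int check_jump(int16_t off)
{
    const struct insn p[] = {
        { BPF_JMP | BPF_JA, 0, off, 0 },
        { BPF_LD | BPF_IMM | BPF_DW, 0, 0, 0x11223344 }, /* slot 1 */
        { 0, 0, 0, 0x55667788 },                         /* slot 2: code 0 */
        { BPF_JMP | BPF_EXIT, 0, 0, 0 },
    };
    int n = 4, i = 0;
    for (int steps = 0; steps < n && i >= 0 && i < n; steps++) {
        uint8_t c = p[i].code;
        if (c == (BPF_JMP | BPF_EXIT))
            return 0;
        if (c == (BPF_JMP | BPF_JA)) {
            i += p[i].off + 1;          /* target = pc + off + 1 */
        } else if (BPF_CLASS(c) == BPF_LD && BPF_MODE(c) == BPF_IMM) {
            if (BPF_SIZE(c) != BPF_DW)
                return -1;              /* landed in the 2nd ld_imm64 slot */
            i += 2;                     /* valid ld_imm64: skip both slots */
        } else {
            return -2;                  /* opcode not modelled here */
        }
    }
    return -3;                          /* out of bounds or step limit */
}

int main(void)
{
    printf("slot1=%d slot2=%d\n", check_jump(0), check_jump(1));
    return 0;
}
```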
