lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20231108132448.1970-1-daniel@iogearbox.net>
Date: Wed,  8 Nov 2023 14:24:48 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: davem@...emloft.net
Cc: kuba@...nel.org,
	pabeni@...hat.com,
	edumazet@...gle.com,
	daniel@...earbox.net,
	ast@...nel.org,
	andrii@...nel.org,
	martin.lau@...ux.dev,
	netdev@...r.kernel.org,
	bpf@...r.kernel.org
Subject: pull-request: bpf 2023-11-08

Hi David, hi Jakub, hi Paolo, hi Eric,

The following pull-request contains BPF updates for your *net* tree.

We've added 16 non-merge commits during the last 6 day(s) which contain
a total of 30 files changed, 341 insertions(+), 130 deletions(-).

The main changes are:

1) Fix a BPF verifier issue in precision tracking for BPF_ALU | BPF_TO_BE |
   BPF_END where the source register was incorrectly marked as precise,
   from Shung-Hsi Yu.

2) Fix a concurrency issue in bpf_timer where the former could still have
   been alive after an application releases or unpins the map, from Hou Tao.

3) Fix a BPF verifier issue where immediates are incorrectly cast to u32
   before being spilled and therefore losing sign information, from Hao Sun.

4) Fix a misplaced BPF_TRACE_ITER in check_css_task_iter_allowlist which
   incorrectly compared bpf_prog_type with bpf_attach_type, from Chuyi Zhou.

5) Add __bpf_hook_{start,end} as well as __bpf_kfunc_{start,end}_defs macros,
   migrate all BPF-related __diag callsites over to it, and add a new
   __diag_ignore_all for -Wmissing-declarations to the macros to address
   recent build warnings, from Dave Marchevsky.

6) Fix broken BPF selftest build of xdp_hw_metadata test on architectures
   where char is not signed, from Björn Töpel.

7) Fix test_maps selftest to properly use LIBBPF_OPTS() macro to initialize
   the bpf_map_create_opts, from Andrii Nakryiko.

8) Fix bpffs selftest to avoid unmounting /sys/kernel/debug as it may have
   been mounted and used by other applications already, from Manu Bretelle.

9) Fix a build issue without CONFIG_CGROUPS wrt css_task open-coded
   iterators, from Matthieu Baerts.

Please consider pulling these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git tags/for-netdev

Thanks a lot!

Also thanks to reporters, reviewers and testers of commits in this pull-request:

Anders Roxell, Andrii Nakryiko, David Vernet, Eduard Zingerman, Hsin-Wei 
Hung, Jiri Olsa, kernel test robot, Larysa Zaremba, Mohamed Mahmoud, 
Shung-Hsi Yu, Tao Lyu, Toke Høiland-Jørgensen, Yafang Shao, Yonghong Song

----------------------------------------------------------------

The following changes since commit 2b7ac0c87d985c92e519995853c52b9649ea4b07:

  tools: ynl-gen: don't touch the output file if content is the same (2023-11-01 22:14:00 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git tags/for-netdev

for you to fetch changes up to 8e1b802503bb630eafc3e97b2daf755368ec96e1:

  Merge branch 'Let BPF verifier consider {task,cgroup} is trusted in bpf_iter_reg' (2023-11-07 15:28:06 -0800)

----------------------------------------------------------------
bpf-for-netdev

----------------------------------------------------------------
Alexei Starovoitov (3):
      Merge branch 'bpf-fix-incorrect-immediate-spill'
      Merge branch 'relax-allowlist-for-open-coded-css_task-iter'
      Merge branch 'bpf-fix-precision-tracking-for-bpf_alu-bpf_to_be-bpf_end'

Andrii Nakryiko (1):
      selftests/bpf: fix test_maps' use of bpf_map_create_opts

Björn Töpel (1):
      selftests/bpf: Fix broken build where char is unsigned

Chuyi Zhou (5):
      bpf: Relax allowlist for css_task iter
      selftests/bpf: Add tests for css_task iter combining with cgroup iter
      selftests/bpf: Add test for using css_task iter in sleepable progs
      bpf: Let verifier consider {task,cgroup} is trusted in bpf_iter_reg
      selftests/bpf: get trusted cgrp from bpf_iter__cgroup directly

Dave Marchevsky (2):
      bpf: Add __bpf_kfunc_{start,end}_defs macros
      bpf: Add __bpf_hook_{start,end} macros

Hao Sun (2):
      bpf: Fix check_stack_write_fixed_off() to correctly spill imm
      selftests/bpf: Add test for immediate spilled to stack

Hou Tao (1):
      bpf: Check map->usercnt after timer->timer is assigned

Manu Bretelle (1):
      selftests/bpf: fix test_bpffs

Martin KaFai Lau (1):
      Merge branch 'Let BPF verifier consider {task,cgroup} is trusted in bpf_iter_reg'

Matthieu Baerts (1):
      bpf: fix compilation error without CGROUPS

Shung-Hsi Yu (2):
      bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
      selftests/bpf: precision tracking test for BPF_NEG and BPF_END

 Documentation/bpf/kfuncs.rst                       |  6 +-
 include/linux/btf.h                                | 11 +++
 kernel/bpf/bpf_iter.c                              |  6 +-
 kernel/bpf/cgroup_iter.c                           |  8 +-
 kernel/bpf/cpumask.c                               |  6 +-
 kernel/bpf/helpers.c                               | 39 +++++----
 kernel/bpf/map_iter.c                              |  6 +-
 kernel/bpf/task_iter.c                             | 24 +++---
 kernel/bpf/verifier.c                              | 33 ++++++--
 kernel/cgroup/rstat.c                              |  9 +--
 kernel/trace/bpf_trace.c                           |  6 +-
 net/bpf/test_run.c                                 |  7 +-
 net/core/filter.c                                  | 13 +--
 net/core/xdp.c                                     |  6 +-
 net/ipv4/fou_bpf.c                                 |  6 +-
 net/netfilter/nf_conntrack_bpf.c                   |  6 +-
 net/netfilter/nf_nat_bpf.c                         |  6 +-
 net/socket.c                                       |  8 +-
 net/xfrm/xfrm_interface_bpf.c                      |  6 +-
 .../selftests/bpf/bpf_testmod/bpf_testmod.c        |  6 +-
 .../selftests/bpf/map_tests/map_percpu_stats.c     | 20 ++---
 .../testing/selftests/bpf/prog_tests/cgroup_iter.c | 33 ++++++++
 tools/testing/selftests/bpf/prog_tests/iters.c     |  1 +
 .../testing/selftests/bpf/prog_tests/test_bpffs.c  | 11 ++-
 tools/testing/selftests/bpf/prog_tests/verifier.c  |  2 +
 tools/testing/selftests/bpf/progs/iters_css_task.c | 55 +++++++++++++
 .../selftests/bpf/progs/iters_task_failure.c       |  4 +-
 .../selftests/bpf/progs/verifier_precision.c       | 93 ++++++++++++++++++++++
 tools/testing/selftests/bpf/verifier/bpf_st_mem.c  | 32 ++++++++
 tools/testing/selftests/bpf/xdp_hw_metadata.c      |  2 +-
 30 files changed, 341 insertions(+), 130 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_precision.c

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ