lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20240306220309.13534-1-daniel@iogearbox.net>
Date: Wed,  6 Mar 2024 23:03:09 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: davem@...emloft.net
Cc: kuba@...nel.org,
	pabeni@...hat.com,
	edumazet@...gle.com,
	daniel@...earbox.net,
	ast@...nel.org,
	andrii@...nel.org,
	martin.lau@...ux.dev,
	netdev@...r.kernel.org,
	bpf@...r.kernel.org
Subject: pull-request: bpf 2024-03-06

Hi David, hi Jakub, hi Paolo, hi Eric,

The following pull-request contains BPF updates for your *net* tree.

We've added 5 non-merge commits during the last 1 day(s) which contain
a total of 5 files changed, 77 insertions(+), 4 deletions(-).

The main changes are:

1) Fix BPF verifier to check bpf_func_state->callback_depth when pruning
   states as otherwise unsafe programs could get accepted, from Eduard Zingerman.

2) Fix to zero-initialise xdp_rxq_info struct before running XDP program in
   CPU map which led to random xdp_md fields, from Toke Høiland-Jørgensen.

3) Fix bonding XDP feature flags calculation when bonding device has no
   slave devices anymore, from Daniel Borkmann.

Please consider pulling these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git tags/for-netdev

Thanks a lot!

Also thanks to reporters, reviewers and testers of commits in this pull-request:

Tobias Böhm, Toke Høiland-Jørgensen, Yonghong Song

----------------------------------------------------------------

The following changes since commit 685f7d531264599b3f167f1e94bbd22f120e5fab:

  net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (2024-03-05 11:16:11 -0800)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git tags/for-netdev

for you to fetch changes up to 2487007aa3b9fafbd2cb14068f49791ce1d7ede5:

  cpumap: Zero-initialise xdp_rxq_info struct before running XDP program (2024-03-05 16:48:53 -0800)

----------------------------------------------------------------
bpf-for-netdev

----------------------------------------------------------------
Alexei Starovoitov (1):
      Merge branch 'check-bpf_func_state-callback_depth-when-pruning-states'

Daniel Borkmann (2):
      xdp, bonding: Fix feature flags when there are no slave devs anymore
      selftests/bpf: Fix up xdp bonding test wrt feature flags

Eduard Zingerman (2):
      bpf: check bpf_func_state->callback_depth when pruning states
      selftests/bpf: test case for callback_depth states pruning logic

Toke Høiland-Jørgensen (1):
      cpumap: Zero-initialise xdp_rxq_info struct before running XDP program

 drivers/net/bonding/bond_main.c                    |  2 +-
 kernel/bpf/cpumap.c                                |  2 +-
 kernel/bpf/verifier.c                              |  3 +
 .../testing/selftests/bpf/prog_tests/xdp_bonding.c |  4 +-
 .../bpf/progs/verifier_iterating_callbacks.c       | 70 ++++++++++++++++++++++
 5 files changed, 77 insertions(+), 4 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ