lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAMB2axNNc0p6kXgNQjQs-jsZ-NkKR==hY6OtoU6mxdHy-YqbvA@mail.gmail.com>
Date: Mon, 22 Sep 2025 15:30:52 -0700
From: Amery Hung <ameryhung@...il.com>
To: Martin KaFai Lau <martin.lau@...ux.dev>
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org, alexei.starovoitov@...il.com, 
	andrii@...nel.org, daniel@...earbox.net, paul.chaignon@...il.com, 
	kuba@...nel.org, stfomichev@...il.com, martin.lau@...nel.org, 
	mohsin.bashr@...il.com, noren@...dia.com, dtatulea@...dia.com, 
	saeedm@...dia.com, tariqt@...dia.com, mbloch@...dia.com, 
	maciej.fijalkowski@...el.com, kernel-team@...a.com
Subject: Re: [PATCH bpf-next v6 5/7] bpf: Support specifying linear xdp packet
 data size for BPF_PROG_TEST_RUN

On Mon, Sep 22, 2025 at 1:04 PM Martin KaFai Lau <martin.lau@...ux.dev> wrote:
>
> On 9/22/25 12:48 PM, Amery Hung wrote:
> >>> diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c
> >>> index 4a862d605386..0cbd3b898c45 100644
> >>> --- a/net/bpf/test_run.c
> >>> +++ b/net/bpf/test_run.c
> >>> @@ -665,7 +665,7 @@ static void *bpf_test_init(const union bpf_attr *kattr, u32 user_size,
> >>>        void __user *data_in = u64_to_user_ptr(kattr->test.data_in);
> >>>        void *data;
> >>>
> >>> -     if (user_size < ETH_HLEN || user_size > PAGE_SIZE - headroom - tailroom)
> >>> +     if (user_size > PAGE_SIZE - headroom - tailroom)
> >>>                return ERR_PTR(-EINVAL);
> >>>
> >>>        size = SKB_DATA_ALIGN(size);
> >>> @@ -1001,6 +1001,9 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr,
> >>>            kattr->test.cpu || kattr->test.batch_size)
> >>>                return -EINVAL;
> >>>
> >>> +     if (size < ETH_HLEN)
> >>> +             return -EINVAL;
> >>> +
> >>>        data = bpf_test_init(kattr, kattr->test.data_size_in,
> >>>                             size, NET_SKB_PAD + NET_IP_ALIGN,
> >>>                             SKB_DATA_ALIGN(sizeof(struct skb_shared_info)));
> >>> @@ -1246,13 +1249,15 @@ int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr,
> >>
> >> I just noticed it. It still needs a "size < ETH_HLEN" test at the beginning of
> >> test_run_xdp. At least the do_live mode should still needs to have ETH_HLEN bytes.
> >
> > Make sense. I will add the check for live mode.
>
> The earlier comment wasn't clear, my bad. no need to limit the ETH_HLEN test to
> live mode only. multi-frags or not, kattr->test.data_size_in should not be <
> ETH_HLEN.
>

Right. It seems the current size check is also off. It allows empty
xdp_buff as long as metadata is larger than ETH_HLEN.

>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ