On Tue, Dec 5, 2023 at 3:35 PM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
>
> On Tue, 2023-12-05 at 14:32 -0500, Andrei Matei wrote:
> > V2 to V3:
> > - simplify checks for max_off (don't call
> >   check_stack_slot_within_bounds for it)
> > - append a commit to protect against overflow in the addition of the
> >   register and the offset
> >
> > V1 to V2:
> > - fix max_off calculation for access size = 0
> >
> > Andrei Matei (2):
> >   bpf: fix verification of indirect var-off stack access
> >   bpf: guard stack limits against 32bit overflow
> >
> >  kernel/bpf/verifier.c | 20 +++++++-------------
> >  1 file changed, 7 insertions(+), 13 deletions(-)
> >
>
> I think we also need a selftest, at least for patch #1.

Also pls target bpf-next.
It's a fix, but it's getting non obvious.
We only push absolutely necessary fixes to bpf tree.
Everything non trivial goes via bpf-next to prove itself.