Hello:
This series was applied to bpf/bpf-next.git (master)
by Andrii Nakryiko <andrii@xxxxxxxxxx>:
On Wed, 24 Jul 2024 12:14:58 -0500 you wrote:
> In struct bpf_struct_ops, we have take a pointer to a BTF type name, and
> a struct btf_type. This was presumably done for convenience, but can
> actually result in subtle and confusing bugs given that BTF data can be
> invalidated before a program is loaded. For example, in sched_ext, we
> may sometimes resize a data section after a skeleton has been opened,
> but before the struct_ops scheduler map has been loaded. This may cause
> the BTF data to be realloc'd, which can then cause a UAF when loading
> the program because the struct_ops map has pointers directly into the
> BTF data.
>
> [...]
Here is the summary with links:
- [bpf-next,1/2] libbpf: Don't take direct pointers into BTF data from st_ops
https://git.kernel.org/bpf/bpf-next/c/7244100e0389
- [bpf-next,2/2] selftests/bpf: Add test for resizing data map with struct_ops
(no matching commit)
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
