Patch "xdp: use trusted arguments in XDP hints kfuncs" has been added to the 6.4-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sun, 16 Jul 2023 21:07:32 -0400

This is a note to let you know that I've just added the patch titled

    xdp: use trusted arguments in XDP hints kfuncs

to the 6.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     xdp-use-trusted-arguments-in-xdp-hints-kfuncs.patch
and it can be found in the queue-6.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit ef7d0bc0116eed8b256212c207fd0aaa11f2a936
Author: Larysa Zaremba <larysa.zaremba@xxxxxxxxx>
Date:   Tue Jul 11 12:59:26 2023 +0200

    xdp: use trusted arguments in XDP hints kfuncs
    
    [ Upstream commit 2e06c57d66d3f6c26faa5f5b479fb3add34ce85a ]
    
    Currently, verifier does not reject XDP programs that pass NULL pointer to
    hints functions. At the same time, this case is not handled in any driver
    implementation (including veth). For example, changing
    
    bpf_xdp_metadata_rx_timestamp(ctx, &timestamp);
    
    to
    
    bpf_xdp_metadata_rx_timestamp(ctx, NULL);
    
    in xdp_metadata test successfully crashes the system.
    
    Add KF_TRUSTED_ARGS flag to hints kfunc definitions, so driver code
    does not have to worry about getting invalid pointers.
    
    Fixes: 3d76a4d3d4e5 ("bpf: XDP metadata RX kfuncs")
    Reported-by: Stanislav Fomichev <sdf@xxxxxxxxxx>
    Closes: https://lore.kernel.org/bpf/ZKWo0BbpLfkZHbyE@xxxxxxxxxx/
    Signed-off-by: Larysa Zaremba <larysa.zaremba@xxxxxxxxx>
    Acked-by: Jesper Dangaard Brouer <hawk@xxxxxxxxxx>
    Acked-by: Stanislav Fomichev <sdf@xxxxxxxxxx>
    Link: https://lore.kernel.org/r/20230711105930.29170-1-larysa.zaremba@xxxxxxxxx
    Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/net/core/xdp.c b/net/core/xdp.c
index 41e5ca8643ec9..8362130bf085d 100644
--- a/net/core/xdp.c
+++ b/net/core/xdp.c
@@ -741,7 +741,7 @@ __bpf_kfunc int bpf_xdp_metadata_rx_hash(const struct xdp_md *ctx, u32 *hash,
 __diag_pop();
 
 BTF_SET8_START(xdp_metadata_kfunc_ids)
-#define XDP_METADATA_KFUNC(_, name) BTF_ID_FLAGS(func, name, 0)
+#define XDP_METADATA_KFUNC(_, name) BTF_ID_FLAGS(func, name, KF_TRUSTED_ARGS)
 XDP_METADATA_KFUNC_xxx
 #undef XDP_METADATA_KFUNC
 BTF_SET8_END(xdp_metadata_kfunc_ids)






