On Thu, Nov 21, 2019 at 10:43:28AM +0100, Daniel Borkmann wrote: > On 11/21/19 8:43 AM, Wang YanQing wrote: > > commit 711aef1bbf88212a21f7103e88f397b47a528805 upstream. > > > > The current method to compare 64-bit numbers for conditional jump is: > > > > 1) Compare the high 32-bit first. > > > > 2) If the high 32-bit isn't the same, then goto step 4. > > > > 3) Compare the low 32-bit. > > > > 4) Check the desired condition. > > > > This method is right for unsigned comparison, but it is buggy for signed > > comparison, because it does signed comparison for low 32-bit too. > > > > There is only one sign bit in 64-bit number, that is the MSB in the 64-bit > > number, it is wrong to treat low 32-bit as signed number and do the signed > > comparison for it. > > > > This patch fixes the bug. > > > > Note: > > The original commit adds a testcase in selftests/bpf for such bug, this > > backport patch doesn't include the testcase, because the testcase needs > > another upstream commit. > > > > Link: https://bugzilla.kernel.org/show_bug.cgi?id=205469 > > Reported-by: Tony Ambardar <itugrok@xxxxxxxxx> > > Cc: Tony Ambardar <itugrok@xxxxxxxxx> > > Cc: stable@xxxxxxxxxxxxxxx #v4.19 > > Signed-off-by: Wang YanQing <udknight@xxxxxxxxx> > > Signed-off-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx> > > Thanks a lot for backporting & testing, Wang, much appreciated! Greg, if you get a > chance, please queue this & the other stable requests from Wang up. All now queued up, thanks. greg k-h
