[PATCH 4.19 0/4] bpf: backport fixes for CVE-2021-33624

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



NOTE: the fixes were manually adjusted to apply to 4.19, so copying bpf@ to see
if there are any concerns.

With this patchseries all bpf verifier selftests pass:
root@intel-x86-64:~# ./test_verifier
...
#657/u pass modified ctx pointer to helper, 2 OK
#657/p pass modified ctx pointer to helper, 2 OK
#658/p pass modified ctx pointer to helper, 3 OK
#659/p mov64 src == dst OK
#660/p mov64 src != dst OK
#661/u calls: ctx read at start of subprog OK
#661/p calls: ctx read at start of subprog OK
Summary: 925 PASSED, 0 SKIPPED, 0 FAILED

Daniel Borkmann (4):
  bpf: Inherit expanded/patched seen count from old aux data
  bpf: Do not mark insn as seen under speculative path verification
  bpf: Fix leakage under speculation on mispredicted branches
  bpf, selftests: Adjust few selftest outcomes wrt unreachable code

 kernel/bpf/verifier.c                       | 68 ++++++++++++++++++---
 tools/testing/selftests/bpf/test_verifier.c |  2 +
 2 files changed, 62 insertions(+), 8 deletions(-)

-- 
2.25.1




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux