GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-06-06 06:37:59 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
No description
723526 commits 24 branches 25 tags 2.7 GiB
C 97.9%
Assembly 1.1%
Shell 0.4%
Makefile 0.3%
Python 0.1%
Find a file
Gianluca Borello fd05e57bb3 bpf: fix stacksafe exploration when comparing states 
Commit cc2b14d510 ("bpf: teach verifier to recognize zero initialized
stack") introduced a very relaxed check when comparing stacks of different
states, effectively returning a positive result in many cases where it
shouldn't.

This can create problems in cases such as this following C pseudocode:

long var;
long *x = bpf_map_lookup(...);
if (!x)
        return;

if (*x != 0xbeef)
        var = 0;
else
        var = 1;

/* This is the key part, calling a helper causes an explored state
 * to be saved with the information that "var" is on the stack as
 * STACK_ZERO, since the helper is first met by the verifier after
 * the "var = 0" assignment. This state will however be wrongly used
 * also for the "var = 1" case, so the verifier assumes "var" is always
 * 0 and will replace the NULL assignment with nops, because the
 * search pruning prevents it from exploring the faulty branch.
 */
bpf_ktime_get_ns();

if (var)
        *(long *)0 = 0xbeef;

Fix the issue by making sure that the stack is fully explored before
returning a positive comparison result.

Also attach a couple tests that highlight the bad behavior. In the first
test, without this fix instructions 16 and 17 are replaced with nops
instead of being rejected by the verifier.

The second test, instead, allows a program to make a potentially illegal
read from the stack.

Fixes: cc2b14d510 ("bpf: teach verifier to recognize zero initialized stack")
Signed-off-by: Gianluca Borello <g.borello@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2017-12-23 11:04:58 -08:00
arch bpf: sparc64: Add JIT support for multi-function programs. 2017-12-23 01:00:52 +01:00
block
certs
crypto
Documentation
drivers cxgb4: Simplify PCIe Completion Timeout setting 2017-12-18 15:12:57 -05:00
firmware
fs Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2017-12-18 10:51:06 -05:00
include bpf: allow for correlation of maps and helpers in dump 2017-12-20 18:09:40 -08:00
init
ipc
kernel bpf: fix stacksafe exploration when comparing states 2017-12-23 11:04:58 -08:00
lib
mm
net bpf: make function xdp_do_generic_redirect_map() static 2017-12-19 01:37:16 +01:00
samples Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2017-12-18 10:51:06 -05:00
scripts
security
sound
tools bpf: fix stacksafe exploration when comparing states 2017-12-23 11:04:58 -08:00
usr
virt
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile
README

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.