diff options
| author |   Alexei Starovoitov <ast@kernel.org> | 2020-05-15 08:10:36 -0700 |
|---|---|---|
| committer | Alexei Starovoitov <ast@kernel.org> | 2020-05-15 08:15:07 -0700 |
| commit | 59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c (patch) | |
| tree | bb520b4c58247f567a586756c98ab5840d21f8f8 /kernel/bpf | |
| parent | selftests/bpf: Enforce returning 0 for fentry/fexit programs (diff) | |
| parent | bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier (diff) | |
| download | linux-dev-59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c.tar.xz linux-dev-59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c.zip | |
Merge branch 'restrict-bpf_probe_read'
Daniel Borkmann says:
====================
Small set of fixes in order to restrict BPF helpers for tracing which are
broken on archs with overlapping address ranges as per discussion in [0].
I've targetted this for -bpf tree so they can be routed as fixes. Thanks!
v1 -> v2:
- switch to reusable %pks, %pus format specifiers (Yonghong)
- fixate %s on kernel_ds probing for archs with overlapping addr space
[0] https://lore.kernel.org/bpf/CAHk-=wjJKo0GVixYLmqPn-Q22WFu0xHaBSjKEo7e7Yw72y5SPQ@mail.gmail.com/T/
====================
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'kernel/bpf')
| -rw-r--r-- | kernel/bpf/verifier.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index a44ba6672688..8d7ee40e2748 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -4340,7 +4340,9 @@ static void do_refine_retval_range(struct bpf_reg_state *regs, int ret_type, if (ret_type != RET_INTEGER || (func_id != BPF_FUNC_get_stack && - func_id != BPF_FUNC_probe_read_str)) + func_id != BPF_FUNC_probe_read_str && + func_id != BPF_FUNC_probe_read_kernel_str && + func_id != BPF_FUNC_probe_read_user_str)) return; ret_reg->smax_value = meta->msize_max_value; |