diff options
author | Alexei Starovoitov <ast@kernel.org> | 2020-05-15 08:10:36 -0700 |
---|---|---|
committer | Alexei Starovoitov <ast@kernel.org> | 2020-05-15 08:15:07 -0700 |
commit | 59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c (patch) | |
tree | bb520b4c58247f567a586756c98ab5840d21f8f8 /kernel/bpf | |
parent | 6d74f64b922b8394dccc52576659cb0dc0a1da7b (diff) | |
parent | b2a5212fb634561bb734c6356904e37f6665b955 (diff) |
Merge branch 'restrict-bpf_probe_read'
Daniel Borkmann says:
====================
Small set of fixes in order to restrict BPF helpers for tracing which are
broken on archs with overlapping address ranges as per discussion in [0].
I've targetted this for -bpf tree so they can be routed as fixes. Thanks!
v1 -> v2:
- switch to reusable %pks, %pus format specifiers (Yonghong)
- fixate %s on kernel_ds probing for archs with overlapping addr space
[0] https://lore.kernel.org/bpf/CAHk-=wjJKo0GVixYLmqPn-Q22WFu0xHaBSjKEo7e7Yw72y5SPQ@mail.gmail.com/T/
====================
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'kernel/bpf')
-rw-r--r-- | kernel/bpf/verifier.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index a44ba6672688..8d7ee40e2748 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -4340,7 +4340,9 @@ static void do_refine_retval_range(struct bpf_reg_state *regs, int ret_type, if (ret_type != RET_INTEGER || (func_id != BPF_FUNC_get_stack && - func_id != BPF_FUNC_probe_read_str)) + func_id != BPF_FUNC_probe_read_str && + func_id != BPF_FUNC_probe_read_kernel_str && + func_id != BPF_FUNC_probe_read_user_str)) return; ret_reg->smax_value = meta->msize_max_value; |