Tatsuhiko Yasumatsu 064faa8e8a bpf: Fix integer overflow in prealloc_elems_and_freelist()
[ Upstream commit 30e29a9a2bc6a4888335a6ede968b75cd329657a ]

In prealloc_elems_and_freelist(), the multiplication to calculate the
size passed to bpf_map_area_alloc() could lead to an integer overflow.
As a result, out-of-bounds write could occur in pcpu_freelist_populate()
as reported by KASAN:

[...]
[   16.968613] BUG: KASAN: slab-out-of-bounds in pcpu_freelist_populate+0xd9/0x100
[   16.969408] Write of size 8 at addr ffff888104fc6ea0 by task crash/78
[   16.970038]
[   16.970195] CPU: 0 PID: 78 Comm: crash Not tainted 5.15.0-rc2+ #1
[   16.970878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
[   16.972026] Call Trace:
[   16.972306]  dump_stack_lvl+0x34/0x44
[   16.972687]  print_address_description.constprop.0+0x21/0x140
[   16.973297]  ? pcpu_freelist_populate+0xd9/0x100
[   16.973777]  ? pcpu_freelist_populate+0xd9/0x100
[   16.974257]  kasan_report.cold+0x7f/0x11b
[   16.974681]  ? pcpu_freelist_populate+0xd9/0x100
[   16.975190]  pcpu_freelist_populate+0xd9/0x100
[   16.975669]  stack_map_alloc+0x209/0x2a0
[   16.976106]  __sys_bpf+0xd83/0x2ce0
[...]

The possibility of this overflow was originally discussed in [0], but
was overlooked.

Fix the integer overflow by changing elem_size to u64 from u32.

  [0] https://lore.kernel.org/bpf/728b238e-a481-eb50-98e9-b0f430ab01e7@gmail.com/

Fixes: 557c0c6e7d ("bpf: convert stackmap to pre-allocation")
Signed-off-by: Tatsuhiko Yasumatsu <th.yasumatsu@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20210930135545.173698-1-th.yasumatsu@gmail.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-10-13 10:04:26 +02:00
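
The size calculation the commit message above describes, as an added user-space illustration (not the kernel's code and not part of the commit): it compares the allocation size with a 32-bit and a 64-bit `elem_size` and checks whether a populate loop over all elements would stay inside the buffer. The function names and the sample values are assumptions constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Pre-fix shape: elem_size is 32-bit, so the product is computed in
 * 32 bits and wraps modulo 2^32 before being widened for the allocator. */
static uint64_t alloc_size_u32(uint32_t elem_size, uint32_t max_entries)
{
    uint32_t bytes = elem_size * max_entries;
    return bytes;
}

/* Post-fix shape: elem_size is 64-bit, so the multiplication is done in
 * 64 bits and cannot wrap for any pair of 32-bit inputs. */
static uint64_t alloc_size_u64(uint32_t elem_bytes, uint32_t max_entries)
{
    uint64_t elem_size = elem_bytes;
    return elem_size * max_entries;
}

/* A populate loop touches nr_elems slots of elem_size bytes each; it runs
 * past the buffer whenever that span exceeds what was allocated. */
static bool populate_overruns(uint64_t alloc_bytes, uint32_t elem_size,
                              uint32_t nr_elems)
{
    return (uint64_t)elem_size * nr_elems > alloc_bytes;
}

int main(void)
{
    /* Constructed values, not the kernel's real structure sizes. */
    const uint32_t elem_size = 32, max_entries = 0x08000001u;
    uint64_t before = alloc_size_u32(elem_size, max_entries);
    uint64_t after = alloc_size_u64(elem_size, max_entries);

    printf("u32 elem_size: %llu bytes, overrun=%d\n",
           (unsigned long long)before,
           populate_overruns(before, elem_size, max_entries));
    printf("u64 elem_size: %llu bytes, overrun=%d\n",
           (unsigned long long)after,
           populate_overruns(after, elem_size, max_entries));
    return 0;
}
```
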
arch bpf, arm: Fix register clobbering in div/mod implementation 2021-10-13 10:04:26 +02:00
block Revert "block, bfq: honor already-setup queue merges" 2021-10-06 15:55:56 +02:00
certs certs: Trigger creation of RSA module signing key if it's not an RSA key 2021-09-15 09:50:29 +02:00
crypto
Documentation dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation 2021-09-22 12:27:59 +02:00
drivers soc: ti: omap-prm: Fix external abort for am335x pruss 2021-10-13 10:04:26 +02:00
fs nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero 2021-10-13 10:04:24 +02:00
include libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. 2021-10-09 14:40:58 +02:00
init
ipc
kernel bpf: Fix integer overflow in prealloc_elems_and_freelist() 2021-10-13 10:04:26 +02:00
lib treewide: Change list_sort to use const pointers 2021-09-30 10:11:04 +02:00
LICENSES
mm mm: don't allow oversized kvmalloc() calls 2021-10-06 15:56:03 +02:00
net SUNRPC: fix sign error causing rpcsec_gss drops 2021-10-13 10:04:24 +02:00
samples samples: bpf: Fix tracex7 error raised on the missing argument 2021-09-18 13:40:23 +02:00
scripts gen_compile_commands: fix missing 'sys' package 2021-09-22 12:27:58 +02:00
security Smack: Fix wrong semantics in smk_access_entry() 2021-09-18 13:40:18 +02:00
sound ASoC: dapm: use component prefix when checking widget names 2021-10-06 15:56:02 +02:00
tools selftests: KVM: Align SMCCC call with the spec in steal_time 2021-10-09 14:40:57 +02:00
usr
virt KVM: do not shrink halt_poll_ns below grow_start 2021-10-09 14:40:58 +02:00
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile Linux 5.10.72 2021-10-09 14:40:58 +02:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.