Re: [PATCH net] bpf: don't let ldimm64 leak map addresses on unprivileged

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Daniel Borkmann <daniel@iogearbox.net>
To: davem@davemloft.net
Cc: alexei.starovoitov@gmail.com, jannh@google.com, kafai@fb.com,
	netdev@vger.kernel.org
Subject: Re: [PATCH net] bpf: don't let ldimm64 leak map addresses on unprivileged
Date: Mon, 08 May 2017 10:44:46 +0200	[thread overview]
Message-ID: <59102FFE.8000701@iogearbox.net> (raw)
In-Reply-To: <793c517a7d163c613ab886eb02d32efea9f902fd.1494194233.git.daniel@iogearbox.net>

On 05/08/2017 12:04 AM, Daniel Borkmann wrote:
> The patch fixes two things at once:
>
> 1) It checks the env->allow_ptr_leaks and only prints the map address to
>     the log if we have the privileges to do so, otherwise it just dumps 0
>     as we would when kptr_restrict is enabled on %pK. Given the latter is
>     off by default and not every distro sets it, I don't want to rely on
>     this, hence the 0 by default for unprivileged.
>
> 2) Printing of ldimm64 in the verifier log is currently broken in that
>     we don't print the full immediate, but only the 32 bit part of the
>     first insn part for ldimm64. Thus, fix this up as well; it's okay to
>     access, since we verified all ldimm64 earlier already (including just
>     constants) through replace_map_fd_with_map_ptr().

This one is also needed for the log (should come first):

Fixes: 1be7f75d1668 ("bpf: enable non-root eBPF programs")

> Fixes: cbd357008604 ("bpf: verifier (add ability to receive verification log)")
> Reported-by: Jann Horn <jannh@google.com>
> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

Thanks,
Daniel

next prev parent reply	other threads:[~2017-05-08  8:44 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-07 22:04 [PATCH net] bpf: don't let ldimm64 leak map addresses on unprivileged Daniel Borkmann
2017-05-07 22:26 ` Jann Horn
2017-05-07 22:51   ` Daniel Borkmann
2017-05-07 22:54     ` Jann Horn
2017-05-08  8:44 ` Daniel Borkmann [this message]
2017-05-08 17:18 ` Alexei Starovoitov
2017-05-08 19:08 ` David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=59102FFE.8000701@iogearbox.net \
    --to=daniel@iogearbox.net \
    --cc=alexei.starovoitov@gmail.com \
    --cc=davem@davemloft.net \
    --cc=jannh@google.com \
    --cc=kafai@fb.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.