* [PATCH bpf-next] libbpf: Use OPTS_SET() macro in bpf_xdp_query()
@ 2024-02-06 12:59 Toke Høiland-Jørgensen
2024-02-06 18:00 ` patchwork-bot+netdevbpf
0 siblings, 1 reply; 2+ messages in thread
From: Toke Høiland-Jørgensen @ 2024-02-06 12:59 UTC (permalink / raw)
To: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
David S. Miller, Jakub Kicinski, Jesper Dangaard Brouer,
Maciej Fijalkowski
Cc: Toke Høiland-Jørgensen, bpf, netdev
When the feature_flags and xdp_zc_max_segs fields were added to the libbpf
bpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro.
This causes libbpf to write to those fields unconditionally, which means
that programs compiled against an older version of libbpf (with a smaller
size of the bpf_xdp_query_opts struct) will have its stack corrupted by
libbpf writing out of bounds.
The patch adding the feature_flags field has an early bail out if the
feature_flags field is not part of the opts struct (via the OPTS_HAS)
macro, but the patch adding xdp_zc_max_segs does not. For consistency, this
fix just changes the assignments to both fields to use the OPTS_SET()
macro.
Fixes: 13ce2daa259a ("xsk: add new netlink attribute dedicated for ZC max frags")
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
---
tools/lib/bpf/netlink.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/lib/bpf/netlink.c b/tools/lib/bpf/netlink.c
index 090bcf6e3b3d..68a2def17175 100644
--- a/tools/lib/bpf/netlink.c
+++ b/tools/lib/bpf/netlink.c
@@ -496,8 +496,8 @@ int bpf_xdp_query(int ifindex, int xdp_flags, struct bpf_xdp_query_opts *opts)
if (err)
return libbpf_err(err);
- opts->feature_flags = md.flags;
- opts->xdp_zc_max_segs = md.xdp_zc_max_segs;
+ OPTS_SET(opts, feature_flags, md.flags);
+ OPTS_SET(opts, xdp_zc_max_segs, md.xdp_zc_max_segs);
skip_feature_flags:
return 0;
--
2.43.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH bpf-next] libbpf: Use OPTS_SET() macro in bpf_xdp_query()
2024-02-06 12:59 [PATCH bpf-next] libbpf: Use OPTS_SET() macro in bpf_xdp_query() Toke Høiland-Jørgensen
@ 2024-02-06 18:00 ` patchwork-bot+netdevbpf
0 siblings, 0 replies; 2+ messages in thread
From: patchwork-bot+netdevbpf @ 2024-02-06 18:00 UTC (permalink / raw)
To: =?utf-8?b?VG9rZSBIw7hpbGFuZC1Kw7hyZ2Vuc2VuIDx0b2tlQHJlZGhhdC5jb20+?=
Cc: ast, daniel, andrii, martin.lau, eddyz87, song, yonghong.song,
john.fastabend, kpsingh, sdf, haoluo, jolsa, davem, kuba, hawk,
maciej.fijalkowski, bpf, netdev
Hello:
This patch was applied to bpf/bpf-next.git (master)
by Andrii Nakryiko <andrii@kernel.org>:
On Tue, 6 Feb 2024 13:59:22 +0100 you wrote:
> When the feature_flags and xdp_zc_max_segs fields were added to the libbpf
> bpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro.
> This causes libbpf to write to those fields unconditionally, which means
> that programs compiled against an older version of libbpf (with a smaller
> size of the bpf_xdp_query_opts struct) will have its stack corrupted by
> libbpf writing out of bounds.
>
> [...]
Here is the summary with links:
- [bpf-next] libbpf: Use OPTS_SET() macro in bpf_xdp_query()
https://git.kernel.org/bpf/bpf-next/c/92a871ab9fa5
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-02-06 18:00 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-02-06 12:59 [PATCH bpf-next] libbpf: Use OPTS_SET() macro in bpf_xdp_query() Toke Høiland-Jørgensen
2024-02-06 18:00 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).