From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alexei Starovoitov <ast@kernel.org>
Subject: [PATCH bpf 0/9] bpf: verifier security fixes
Date: Mon, 18 Dec 2017 20:11:52 -0800
Message-ID: <20171219041201.1979983-1-ast@kernel.org>
Mime-Version: 1.0
Content-Type: text/plain
Cc: Daniel Borkmann <daniel@iogearbox.net>,
        Jann Horn <jannh@google.com>,
        Edward Cree <ecree@solarflare.com>, <netdev@vger.kernel.org>,
        <kernel-team@fb.com>
To: "David S . Miller" <davem@davemloft.net>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mx0b-00082601.pphosted.com ([67.231.153.30]:44592 "EHLO
        mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S936793AbdLSEME (ORCPT
        <rfc822;netdev@vger.kernel.org>); Mon, 18 Dec 2017 23:12:04 -0500
Received: from pps.filterd (m0089730.ppops.net [127.0.0.1])
        by m0089730.ppops.net (8.16.0.21/8.16.0.21) with SMTP id vBJ49PdY022271
        for <netdev@vger.kernel.org>; Mon, 18 Dec 2017 20:12:04 -0800
Received: from mail.thefacebook.com ([199.201.64.23])
        by m0089730.ppops.net with ESMTP id 2exn1cry1k-2
        (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT)
        for <netdev@vger.kernel.org>; Mon, 18 Dec 2017 20:12:03 -0800
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

This patch set addresses a set of security vulnerabilities
in bpf verifier logic discovered by Jann Horn.
All of the patches are candidates for 4.14 stable.

Alexei Starovoitov (1):
  bpf: fix integer overflows

Edward Cree (1):
  bpf/verifier: fix bounds calculation on BPF_RSH

Jann Horn (7):
  bpf: fix incorrect sign extension in check_alu_op()
  bpf: fix incorrect tracking of register size truncation
  bpf: fix 32-bit ALU op verification
  bpf: fix missing error return in check_stack_boundary()
  bpf: force strict alignment checks for stack pointers
  bpf: don't prune branches when a scalar is replaced with a pointer
  selftests/bpf: add tests for recent bugfixes

 include/linux/bpf_verifier.h                |   4 +-
 kernel/bpf/verifier.c                       | 175 ++++++---
 tools/testing/selftests/bpf/test_verifier.c | 549 +++++++++++++++++++++++++++-
 3 files changed, 661 insertions(+), 67 deletions(-)

-- 
2.9.5