
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf

Daniel Borkmann says:

====================
pull-request: bpf 2021-01-29

1) Fix two copy_{from,to}_user() warn_on_once splats for BPF cgroup getsockopt
infra when user space is trying to race against optlen, from Loris Reiff.

2) Fix a missing fput() in BPF inode storage map update helper, from Pan Bian.

3) Fix a build error on unresolved symbols on disabled networking / keys LSM
hooks, from Mikko Ylinen.

4) Fix preload BPF prog build when the output directory from make points to a
relative path, from Quentin Monnet.

* https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf:
bpf, preload: Fix build when $(O) points to a relative path
bpf: Drop disabled LSM hooks from the sleepable set
bpf, inode_storage: Put file handler if no storage was found
bpf, cgroup: Fix problematic bounds check
bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
====================

Link: https://lore.kernel.org/r/20210129001556.6648-1-daniel@iogearbox.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

+27 -3
+5 -1
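--- a/kernel/bpf/bpf_inode_storage.c
+++ b/kernel/bpf/bpf_inode_storage.c
@@ -125,8 +125,12 @@
 
 fd = *(int *)key;
 f = fget_raw(fd);
-if (!f || !inode_storage_ptr(f->f_inode))
+if (!f)
 return -EBADF;
+if (!inode_storage_ptr(f->f_inode)) {
+fput(f);
+return -EBADF;
+}
 
 sdata = bpf_local_storage_update(f->f_inode,
 (struct bpf_local_storage_map *)map,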
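Review bot: The reference taken by `fget_raw(fd)` is now released by hand on the new `!inode_storage_ptr(...)` exit, but nothing at the call site records that every later return owes an `fput(f)`, which is the omission this fix repairs. A comment directly after the `if (!f)` check, for example `/* fget_raw() took a reference on f; every exit below must fput() it */`, would make that obligation visible to the next person adding an early return. Because `fd` is read from the caller-supplied key, a missed put on a failure path is a file reference leak that can be repeated at will. The function continues past the end of the hunk, so whether the exits after `bpf_local_storage_update()` drop the reference cannot be confirmed from the lines shown.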
+12
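--- a/kernel/bpf/bpf_lsm.c
+++ b/kernel/bpf/bpf_lsm.c
@@ -149,7 +149,11 @@
 BTF_ID(func, bpf_lsm_file_lock)
 BTF_ID(func, bpf_lsm_file_open)
 BTF_ID(func, bpf_lsm_file_receive)
+
+#ifdef CONFIG_SECURITY_NETWORK
 BTF_ID(func, bpf_lsm_inet_conn_established)
+#endif /* CONFIG_SECURITY_NETWORK */
+
 BTF_ID(func, bpf_lsm_inode_create)
 BTF_ID(func, bpf_lsm_inode_free_security)
 BTF_ID(func, bpf_lsm_inode_getattr)
@@ -166,7 +170,11 @@
 BTF_ID(func, bpf_lsm_inode_unlink)
 BTF_ID(func, bpf_lsm_kernel_module_request)
 BTF_ID(func, bpf_lsm_kernfs_init_security)
+
+#ifdef CONFIG_KEYS
 BTF_ID(func, bpf_lsm_key_free)
+#endif /* CONFIG_KEYS */
+
 BTF_ID(func, bpf_lsm_mmap_file)
 BTF_ID(func, bpf_lsm_netlink_send)
 BTF_ID(func, bpf_lsm_path_notify)
@@ -181,6 +189,8 @@
 BTF_ID(func, bpf_lsm_sb_statfs)
 BTF_ID(func, bpf_lsm_sb_umount)
 BTF_ID(func, bpf_lsm_settime)
+
+#ifdef CONFIG_SECURITY_NETWORK
 BTF_ID(func, bpf_lsm_socket_accept)
 BTF_ID(func, bpf_lsm_socket_bind)
 BTF_ID(func, bpf_lsm_socket_connect)
@@ -195,6 +205,8 @@
 BTF_ID(func, bpf_lsm_socket_sendmsg)
 BTF_ID(func, bpf_lsm_socket_shutdown)
 BTF_ID(func, bpf_lsm_socket_socketpair)
+#endif /* CONFIG_SECURITY_NETWORK */
+
 BTF_ID(func, bpf_lsm_syslog)
 BTF_ID(func, bpf_lsm_task_alloc)
 BTF_ID(func, bpf_lsm_task_getsecid)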
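Review bot: The `#ifdef CONFIG_SECURITY_NETWORK` and `#ifdef CONFIG_KEYS` guards repeat by hand the conditions under which these hooks exist, and nothing in the list says where those conditions come from. A one-line comment above the first guard, such as `/* Guards must mirror the config options under which the matching LSM hooks are defined */`, would tell whoever adds the next BTF_ID entry what to check. The socket guard opened in the third hunk is closed in the fourth and the entries between them are not shown. It is therefore worth confirming that every hook in that range depends on CONFIG_SECURITY_NETWORK, and that no other config-dependent hook is left unguarded elsewhere in the set.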
+6 -1
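--- a/kernel/bpf/cgroup.c
+++ b/kernel/bpf/cgroup.c
@@ -1442,6 +1442,11 @@
 goto out;
 }
 
+if (ctx.optlen < 0) {
+ret = -EFAULT;
+goto out;
+}
+
 if (copy_from_user(ctx.optval, optval,
 min(ctx.optlen, max_optlen)) != 0) {
 ret = -EFAULT;
@@ -1459,7 +1464,7 @@
 goto out;
 }
 
-if (ctx.optlen > max_optlen) {
+if (ctx.optlen > max_optlen || ctx.optlen < 0) {
 ret = -EFAULT;
 goto out;
 }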
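Review bot: The new `ctx.optlen < 0` guard in the first hunk has no comment explaining why a length can be negative at this point, and the second hunk repeats the same test folded into the `> max_optlen` condition. The pull-request text attributes the warnings to user space racing on optlen. If that is the reason, a comment above the first check such as `/* optlen may have changed since the syscall path looked at it; reject negative values before using it as a copy length */` would keep a later cleanup from dropping the check as redundant. The second site would benefit from a matching note on where its value comes from. The load of `ctx.optlen` and the `out` label lie outside both hunks, so the origin of the value is inferred from the description rather than from the visible lines.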
+4 -1
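--- a/kernel/bpf/preload/Makefile
+++ b/kernel/bpf/preload/Makefile
@@ -4,8 +4,11 @@
 LIBBPF_A = $(obj)/libbpf.a
 LIBBPF_OUT = $(abspath $(obj))
 
+# Although not in use by libbpf's Makefile, set $(O) so that the "dummy" test
+# in tools/scripts/Makefile.include always succeeds when building the kernel
+# with $(O) pointing to a relative path, as in "make O=build bindeb-pkg".
 $(LIBBPF_A):
-$(Q)$(MAKE) -C $(LIBBPF_SRCS) OUTPUT=$(LIBBPF_OUT)/ $(LIBBPF_OUT)/libbpf.a
+$(Q)$(MAKE) -C $(LIBBPF_SRCS) O=$(LIBBPF_OUT)/ OUTPUT=$(LIBBPF_OUT)/ $(LIBBPF_OUT)/libbpf.a
 
 userccflags += -I $(srctree)/tools/include/ -I $(srctree)/tools/include/uapi \
 -I $(srctree)/tools/lib/ -Wno-unused-result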