raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2025-12-06 18:09:56 +00:00
Code Issues Projects Releases Wiki Activity
Files
11d483cec89a33c6fc1bdd08901b0da723d6f2b9
linux/kernel
History
Alexei Starovoitov 6ee16f4a03 bpf: fix verifier memory corruption 
[ Upstream commit c3de6317d7 ]

Due to missing bounds check the DAG pass of the BPF verifier can corrupt
the memory which can cause random crashes during program loading:

[8.449451] BUG: unable to handle kernel paging request at ffffffffffffffff
[8.451293] IP: [<ffffffff811de33d>] kmem_cache_alloc_trace+0x8d/0x2f0
[8.452329] Oops: 0000 [#1] SMP
[8.452329] Call Trace:
[8.452329]  [<ffffffff8116cc82>] bpf_check+0x852/0x2000
[8.452329]  [<ffffffff8116b7e4>] bpf_prog_load+0x1e4/0x310
[8.452329]  [<ffffffff811b190f>] ? might_fault+0x5f/0xb0
[8.452329]  [<ffffffff8116c206>] SyS_bpf+0x806/0xa30

Fixes: f1bca824da ("bpf: add search pruning optimization to verifier")
Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
2015-04-27 16:48:31 -04:00
..
bpf
bpf: fix verifier memory corruption
2015-04-27 16:48:31 -04:00
configs
x86: Add "make tinyconfig" to configure the tiniest possible kernel
2014-08-08 16:30:24 -07:00
debug
kdb: fix incorrect counts in KDB summary command output
2015-03-06 14:53:01 -08:00
events
perf: Fix irq_work 'tail' recursion
2015-04-16 20:11:43 -04:00
gcov
gcov: add ARM64 to GCOV_PROFILE_ALL
2014-10-29 16:33:14 -07:00
irq
genirq: Prevent proc race against freeing of irq descriptors
2015-01-27 08:29:37 -08:00
locking
locking/rtmutex: Avoid a NULL pointer dereference on deadlock
2015-03-23 21:02:44 -04:00
power
Revert "PM / hibernate: avoid unsafe pages in e820 reserved regions"
2015-04-24 17:14:04 -04:00
printk
console: Fix console name size mismatch
2015-03-28 09:36:33 -04:00
rcu
rcu: Make rcu_barrier() understand about missing rcuo kthreads
2014-10-28 13:24:13 -07:00
sched
sched: Fix RLIMIT_RTTIME when PI-boosting to RT
2015-04-24 17:13:43 -04:00
time
timers/tick/broadcast-hrtimer: Fix suspicious RCU usage in idle loop
2015-04-24 17:14:12 -04:00
trace
ftrace: Fix ftrace enable ordering of sysctl ftrace_enabled
2015-03-28 09:37:25 -04:00
.gitignore
Ignore generated file kernel/x509_certificate_list
2013-12-10 18:21:34 +00:00
acct.c
acct: eliminate compile warning
2014-10-09 22:26:04 -04:00
async.c
kernel/async.c: switch to pr_foo()
2014-10-09 22:26:04 -04:00
audit_tree.c
audit: keep inode pinned
2014-11-11 14:20:22 -05:00
audit_watch.c
audit: invalid op= values for rules
2014-09-23 16:37:53 -04:00
audit.c
audit: use supplied gfp_mask from audit_buffer in kauditd_send_multicast_skb
2015-01-08 10:30:27 -08:00
audit.h
audit: reduce scope of audit_log_fcaps
2014-09-23 16:37:51 -04:00
auditfilter.c
audit: restore AUDIT_LOGINUID unset ABI
2015-01-08 10:30:27 -08:00
auditsc.c
Merge git://git.infradead.org/users/eparis/audit
2014-10-19 16:25:56 -07:00
backtracetest.c
kernel/backtracetest.c: replace no level printk by pr_info()
2014-06-04 16:54:14 -07:00
bounds.c
page-cgroup: get rid of NR_PCG_FLAGS
2014-08-08 15:57:18 -07:00
capability.c
CAPABILITIES: remove undefined caps from all processes
2014-07-24 21:53:47 +10:00
cgroup_freezer.c
cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypes
2014-07-15 11:05:09 -04:00
cgroup.c
Merge branch 'for-3.18' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
2014-10-10 07:26:02 -04:00
compat.c
compat: nanosleep: Clarify error handling
2014-09-06 12:58:18 +02:00
configs.c
proc: Supply PDE attribute setting accessor functions
2013-05-01 17:29:18 -04:00
context_tracking.c
sched: stop the unbound recursion in preempt_schedule_context()
2014-10-28 10:46:05 +01:00
cpu_pm.c
cpu.c
rcu: More on deadlock between CPU hotplug and expedited grace periods
2014-10-23 07:51:17 -07:00
cpuset.c
cpuset: Fix cpuset sched_relax_domain_level
2015-03-28 09:42:58 -04:00
crash_dump.c
crash_dump: Make is_kdump_kernel() accessible from modules
2014-08-25 15:42:19 -07:00
cred.c
delayacct.c
delayacct: Remove braindamaged type conversions
2014-07-23 10:18:06 -07:00
dma.c
elfcore.c
switch elf_core_write_extra_phdrs() to dump_emit()
2013-11-09 00:16:23 -05:00
exec_domain.c
kernel/exec_domain.c: code clean-up
2014-06-04 16:54:15 -07:00
exit.c
exit: fix race between wait_consider_task() and wait_task_zombie()
2015-01-16 06:59:57 -08:00
extable.c
asmlinkage: Make main_extable_sort_needed visible
2014-02-13 18:13:22 -08:00
fork.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2014-10-13 16:23:15 +02:00
freezer.c
freezer: remove obsolete comments in __thaw_task()
2014-10-21 23:44:20 +02:00
futex_compat.c
compat: Get rid of (get|put)_compat_time(val|spec)
2014-02-02 14:09:12 -08:00
futex.c
futex: Fix a race condition between REQUEUE_PI and task death
2014-10-26 16:16:18 +01:00
groups.c
userns: Don't allow setgroups until a gid mapping has been setablished
2015-01-08 10:30:25 -08:00
hung_task.c
kernel/hung_task.c: convert simple_strtoul to kstrtouint
2014-06-04 16:54:15 -07:00
irq_work.c
Merge branch 'for-3.18-consistent-ops' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
2014-10-15 07:48:18 +02:00
jump_label.c
static_key: WARN on usage before jump_label_init was called
2013-10-19 19:45:35 -04:00
kallsyms.c
kernel/kallsyms.c: use __seq_open_private()
2014-10-14 02:18:16 +02:00
kcmp.c
kcmp: fix standard comparison bug
2014-09-10 15:42:12 -07:00
Kconfig.freezer
Kconfig.hz
kernel: remove CONFIG_USE_GENERIC_SMP_HELPERS
2013-11-15 09:32:22 +09:00
Kconfig.locks
locking/rwsem: Add CONFIG_RWSEM_SPIN_ON_OWNER
2014-07-16 14:57:13 +02:00
Kconfig.preempt
kexec.c
kexec: remove the unused function parameter
2014-10-14 02:18:21 +02:00
kmod.c
kernel/kmod: fix use-after-free of the sub_info structure
2014-10-29 16:33:14 -07:00
kprobes.c
kprobes: Skip kretprobe hit in NMI context to avoid deadlock
2014-08-08 10:38:04 +02:00
ksysfs.c
kobject: Make support for uevent_helper optional.
2014-04-25 12:00:49 -07:00
kthread.c
kernel/kthread.c: partial revert of 81c98869fa ("kthread: ensure locality of task_struct allocations")
2014-10-09 22:25:51 -04:00
latencytop.c
kernel/latencytop.c: convert seq_printf to seq_puts
2014-06-04 16:54:15 -07:00
Makefile
bpf: split eBPF out of NET
2014-10-27 19:09:59 -04:00
module_signing.c
keys: change asymmetric keys to use common hash definitions
2013-10-25 17:15:18 -04:00
module-internal.h
KEYS: Separate the kernel signature checking keyring from module signing
2013-09-25 17:17:01 +01:00
module.c
Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
2014-10-18 10:24:26 -07:00
notifier.c
kprobes, notifier: Use NOKPROBE_SYMBOL macro in notifier
2014-04-24 10:26:39 +02:00
nsproxy.c
namespaces: Use task_lock and not rcu to protect nsproxy
2014-07-29 18:08:50 -07:00
padata.c
padata: Fix wrong usage of rcu_dereference()
2013-12-05 21:28:42 +08:00
panic.c
kernel/panic.c: update comments for print_tainted
2014-11-13 16:17:06 -08:00
params.c
kernel/param: consolidate __{start,stop}___param[] in <linux/moduleparam.h>
2014-10-14 02:18:28 +02:00
pid_namespace.c
pid_namespace: pidns_get() should check task_active_pid_ns() != NULL
2014-04-02 16:20:21 -07:00
pid.c
exit: pidns: alloc_pid() leaks pid_namespace if child_reaper is exiting
2015-01-08 10:30:28 -08:00
profile.c
kernel/profile.c: use static const char instead of static char
2014-06-06 16:08:13 -07:00
ptrace.c
sched: Remove proliferation of wait_on_bit() action functions
2014-07-16 15:10:39 +02:00
range.c
range: Do not add new blank slot with add_range_with_merge
2013-06-18 11:32:10 -05:00
reboot.c
kernel: add support for kernel restart handler call chain
2014-09-26 00:00:06 -07:00
relay.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-04-12 14:49:50 -07:00
res_counter.c
kernel/res_counter.c: replace simple_strtoull by kstrtoull
2014-06-04 16:54:15 -07:00
resource.c
x86: optimize resource lookups for ioremap
2014-10-14 02:18:22 +02:00
seccomp.c
Merge branch 'x86-seccomp-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2014-10-14 02:27:06 +02:00
signal.c
Merge branch 'signal-cleanup' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/misc
2014-08-09 09:58:12 -07:00
smp.c
Merge branch 'for-3.18-consistent-ops' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
2014-10-15 07:48:18 +02:00
smpboot.c
smpboot: Add missing get_online_cpus() in smpboot_register_percpu_thread()
2015-02-11 15:00:56 +08:00
smpboot.h
softirq.c
Merge branch 'for-3.18-consistent-ops' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
2014-10-15 07:48:18 +02:00
stacktrace.c
stop_machine.c
kernel/stop_machine.c: kernel-doc warning fix
2014-06-04 16:54:15 -07:00
sys_ni.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2014-10-08 21:40:54 -04:00
sys.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2014-10-13 16:23:15 +02:00
sysctl_binary.c
Merge tag 'dmaengine-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/dmaengine
2014-10-07 20:39:25 -04:00
sysctl.c
mm, hugetlb: remove unnecessary lower bound on sysctl handlers"?
2015-03-14 15:37:15 -04:00
system_certificates.S
KEYS: correct alignment of system_certificate_list content in assembly file
2013-12-10 18:25:28 +00:00
system_keyring.c
KEYS: validate certificate trust only with builtin keys
2014-07-17 09:35:17 -04:00
task_work.c
task_work: documentation
2013-09-11 15:58:27 -07:00
taskstats.c
scheduler: Replace __get_cpu_var with this_cpu_ptr
2014-08-26 13:45:45 -04:00
test_kprobes.c
kernel/test_kprobes.c: use current logging functions
2014-08-08 15:57:18 -07:00
torture.c
torture: Address race in module cleanup
2014-09-16 13:41:06 -07:00
tracepoint.c
tracing: syscall_regfunc() should not skip kernel threads
2014-06-21 00:15:26 -04:00
tsacct.c
sched: Make task->start_time nanoseconds based
2014-07-23 10:18:05 -07:00
uid16.c
groups: Consolidate the setgroups permission checks
2015-01-08 10:30:25 -08:00
up.c
smp: Rename __smp_call_function_single() to smp_call_function_single_async()
2014-02-24 14:47:15 -08:00
user_namespace.c
userns: Allow setting gid_maps without privilege when setgroups is disabled
2015-01-08 10:30:26 -08:00
user-return-notifier.c
scheduler: Replace __get_cpu_var with this_cpu_ptr
2014-08-26 13:45:45 -04:00
user.c
userns: Add a knob to disable setgroups on a per user namespace basis
2015-01-08 10:30:26 -08:00
utsname_sysctl.c
sysctl: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
utsname.c
namespaces: Use task_lock and not rcu to protect nsproxy
2014-07-29 18:08:50 -07:00
watchdog.c
Merge branch 'for-3.18-consistent-ops' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu
2014-10-15 07:48:18 +02:00
workqueue_internal.h
workqueue: rename manager_mutex to attach_mutex
2014-05-20 10:59:32 -04:00
workqueue.c
workqueue: fix hang involving racing cancel[_delayed]_work_sync()'s for PREEMPT_NONE
2015-03-28 09:37:48 -04:00