mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-12-31 12:00:09 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
f39b683d35dfa93a58f1b400a8ec0ff81296b37c
linux/kernel
History
Alexei Starovoitov 2339cd6cd0 bpf: fix precision tracking of stack slots 
The problem can be seen in the following two tests:
0: (bf) r3 = r10
1: (55) if r3 != 0x7b goto pc+0
2: (7a) *(u64 *)(r3 -8) = 0
3: (79) r4 = *(u64 *)(r10 -8)
..
0: (85) call bpf_get_prandom_u32#7
1: (bf) r3 = r10
2: (55) if r3 != 0x7b goto pc+0
3: (7b) *(u64 *)(r3 -8) = r0
4: (79) r4 = *(u64 *)(r10 -8)

When backtracking need to mark R4 it will mark slot fp-8.
But ST or STX into fp-8 could belong to the same block of instructions.
When backtracing is done the parent state may have fp-8 slot
as "unallocated stack". Which will cause verifier to warn
and incorrectly reject such programs.

Writes into stack via non-R10 register are rare. llvm always
generates canonical stack spill/fill.
For such pathological case fall back to conservative precision
tracking instead of rejecting.

Reported-by: syzbot+c8d66267fd2b5955287e@syzkaller.appspotmail.com
Fixes: b5dc0163d8 ("bpf: precise scalar_value tracking")
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2019-09-05 14:06:58 +02:00
..
bpf
bpf: fix precision tracking of stack slots
2019-09-05 14:06:58 +02:00
cgroup
Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2019-07-19 10:42:02 -07:00
configs
kvm_config: add CONFIG_VIRTIO_MENU
2018-10-24 20:55:56 -04:00
debug
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
dma
dma-direct: fix zone selection after an unaddressable CMA allocation
2019-08-21 07:14:10 +09:00
events
perf/core: Fix creating kernel counters for PMUs that override event->cpu
2019-07-25 15:41:31 +02:00
gcov
gcov: no need to check return value of debugfs_create functions
2019-06-03 16:18:12 +02:00
irq
genirq: Properly pair kobject_del() with kobject_add()
2019-08-19 21:41:19 +02:00
livepatch
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching
2019-07-11 15:30:05 -07:00
locking
locking/mutex: Test for initialized mutex
2019-07-25 15:39:27 +02:00
power
Merge tag 'pci-v5.3-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
2019-07-15 20:44:49 -07:00
printk
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13
2019-05-21 11:28:45 +02:00
rcu
Merge branch 'for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu into core/rcu
2019-06-28 19:46:47 +02:00
sched
Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2019-08-25 10:06:12 -07:00
time
timekeeping/vsyscall: Prevent math overflow in BOOTTIME update
2019-08-23 02:12:11 +02:00
trace
tracing: Correct kdoc formats
2019-08-31 06:51:56 -04:00
.gitignore
Provide in-kernel headers to make extending kernel easier
2019-04-29 16:48:03 +02:00
acct.c
acct_on(): don't mess with freeze protection
2019-04-04 21:04:13 -04:00
async.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
audit_fsnotify.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157
2019-05-30 11:26:37 -07:00
audit_tree.c
fsnotify: switch send_to_group() and ->handle_event to const struct qstr *
2019-04-26 13:51:03 -04:00
audit_watch.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
audit.c
Merge tag 'audit-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2019-07-08 18:55:42 -07:00
audit.h
Merge tag 'audit-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2019-07-08 18:55:42 -07:00
auditfilter.c
Merge tag 'audit-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2019-07-08 18:55:42 -07:00
auditsc.c
audit: enforce op for string fields
2019-05-28 17:46:43 -04:00
backtracetest.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
bounds.c
kbuild: fix kernel/bounds.c 'W=1' warning
2018-10-31 08:54:14 -07:00
capability.c
LSM: add SafeSetID module that gates setid calls
2019-01-25 11:22:43 -08:00
compat.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
configs.c
kernel/configs: Replace GPL boilerplate code with SPDX identifier
2019-07-30 18:34:15 +02:00
context_tracking.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
cpu_pm.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282
2019-06-05 17:36:37 +02:00
cpu.c
Merge branch 'smp-hotplug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2019-07-08 10:39:56 -07:00
crash_core.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230
2019-06-19 17:09:06 +02:00
crash_dump.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
cred.c
Merge branch 'access-creds'
2019-07-25 08:36:29 -07:00
delayacct.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 25
2019-05-21 11:52:39 +02:00
dma.c
proc: introduce proc_create_single{,_data}
2018-05-16 07:23:35 +02:00
elfcore.c
exec_domain.c
proc: introduce proc_create_single{,_data}
2018-05-16 07:23:35 +02:00
exit.c
exit: make setting exit_state consistent
2019-07-30 19:57:14 +02:00
extable.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
fail_function.c
fail_function: no need to check return value of debugfs_create functions
2019-06-03 15:49:06 +02:00
fork.c
sched/fair: Don't free p->numa_faults with concurrent readers
2019-07-25 15:37:04 +02:00
freezer.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
futex.c
Merge tag 'v5.2-rc3' into locking/core, to pick up fixes
2019-06-03 11:50:18 +02:00
gen_kheaders.sh
kheaders: include only headers into kheaders_data.tar.xz
2019-07-09 10:10:52 +09:00
groups.c
hung_task.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
iomem.c
mm/nvdimm: add is_ioremap_addr and use that to check ioremap address
2019-07-12 11:05:40 -07:00
irq_work.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
jump_label.c
jump_label: Batch updates if arch supports it
2019-06-17 12:09:22 +02:00
kallsyms.c
kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol
2019-08-27 16:19:56 +01:00
kcmp.c
Kconfig.freezer
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
Kconfig.hz
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
Kconfig.locks
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
Kconfig.preempt
sched/rt, Kconfig: Unbreak def/oldconfig with CONFIG_PREEMPT=y
2019-07-22 18:05:11 +02:00
kcov.c
kcov: convert kcov.refcount to refcount_t
2019-03-07 18:32:02 -08:00
kexec_core.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230
2019-06-19 17:09:06 +02:00
kexec_file.c
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
2019-07-08 20:28:59 -07:00
kexec_internal.h
kexec.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230
2019-06-19 17:09:06 +02:00
kheaders.c
kheaders: Move from proc to sysfs
2019-05-24 20:16:01 +02:00
kmod.c
kprobes.c
kprobes: Fix potential deadlock in kprobe_optimizer()
2019-08-19 12:22:19 +02:00
ksysfs.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 170
2019-05-30 11:26:39 -07:00
kthread.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
latencytop.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
Makefile
memremap: move from kernel/ to mm/
2019-08-03 07:02:01 -07:00
module_signing.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36
2019-05-24 17:27:11 +02:00
module-internal.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36
2019-05-24 17:27:11 +02:00
module.c
modules: page-align module section allocations only for arches supporting strict module rwx
2019-08-21 10:43:56 +02:00
notifier.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
nsproxy.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
padata.c
padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
2019-07-18 13:39:54 +08:00
panic.c
docs: admin-guide: move sysctl directory to it
2019-07-15 11:03:01 -03:00
params.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
pid_namespace.c
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
pid.c
kernel/pid.c: convert struct pid count to refcount_t
2019-07-16 19:23:24 -07:00
profile.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
ptrace.c
ptrace: add PTRACE_GET_SYSCALL_INFO request
2019-07-16 19:23:24 -07:00
range.c
reboot.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
relay.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2019-03-12 13:27:20 -07:00
resource.c
resource: avoid unnecessary lookups in find_next_iomem_res()
2019-07-18 17:08:06 -07:00
rseq.c
signal: Remove task parameter from force_sig
2019-05-27 09:36:28 -05:00
seccomp.c
signal: Remove the signal number and task parameters from force_sig_info
2019-05-29 09:31:44 -05:00
signal.c
signal: Allow cifs and drbd to receive their terminating signals
2019-08-19 06:34:13 -05:00
smp.c
smp: Warn on function calls from softirq context
2019-07-20 11:27:16 +02:00
smpboot.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
smpboot.h
softirq.c
Merge branch 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2019-07-08 11:01:13 -07:00
stackleak.c
stackleak: Mark stackleak_track_stack() as notrace
2018-12-05 19:31:44 -08:00
stacktrace.c
stacktrace: Force USER_DS for stack_trace_save_user()
2019-07-18 16:47:24 +02:00
stop_machine.c
processor: get rid of cpu_relax_yield
2019-06-15 12:25:55 +02:00
sys_ni.c
arch: handle arches who do not yet define clone3
2019-06-21 01:54:53 +02:00
sys.c
prctl_set_mm: downgrade mmap_sem to read lock
2019-06-01 15:51:31 -07:00
sysctl_binary.c
kernel/sysctl: add panic_print into sysctl
2019-01-04 13:13:47 -08:00
sysctl.c
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
task_work.c
taskstats.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157
2019-05-30 11:26:37 -07:00
test_kprobes.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 25
2019-05-21 11:52:39 +02:00
torture.c
torture: Allow inter-stutter interval to be specified
2019-05-28 09:06:09 -07:00
tracepoint.c
Merge tag 'trace-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
2019-07-18 11:51:00 -07:00
tsacct.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157
2019-05-30 11:26:37 -07:00
ucount.c
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
uid16.c
uid16.h
umh.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
up.c
smp: Remove smp_call_function() and on_each_cpu() return values
2019-06-23 14:26:26 +02:00
user_namespace.c
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
2019-07-08 19:36:47 -07:00
user-return-notifier.c
treewide: Add SPDX license identifier for missed files
2019-05-21 10:50:45 +02:00
user.c
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
2019-07-08 19:36:47 -07:00
utsname_sysctl.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
utsname.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
2019-06-05 17:37:17 +02:00
watchdog_hld.c
kernel/watchdog_hld.c: hard lockup message should end with a newline
2019-04-19 09:46:05 -07:00
watchdog.c
watchdog: Fix typo in comment
2019-04-18 14:05:51 +02:00
workqueue_internal.h
sched/core, workqueues: Distangle worker accounting from rq lock
2019-04-16 16:55:15 +02:00
workqueue.c
workqueue: Remove GPF argument from alloc_workqueue_attrs()
2019-06-27 14:12:19 -07:00