diff options
| author | Alexei Starovoitov <ast@kernel.org> | 2022-08-09 06:58:09 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-08-25 12:45:13 +0300 |
| commit | b429d0b9a7a0f3dddb1f782b72629e6353f292fd (patch) | |
| tree | cba44112e5aceced480fc61158259ec17a107a4d /tools | |
| parent | 1f6db7148ed7382b336c5827af33b5d9e992630e (diff) | |
| download | linux-b429d0b9a7a0f3dddb1f782b72629e6353f292fd.tar.xz | |
bpf: Disallow bpf programs call prog_run command.
commit 86f44fcec22ce2979507742bc53db8400e454f46 upstream.
The verifier cannot perform sufficient validation of bpf_attr->test.ctx_in
pointer, therefore bpf programs should not be allowed to call BPF_PROG_RUN
command from within the program.
To fix this issue split bpf_sys_bpf() bpf helper into normal kern_sys_bpf()
kernel function that can only be used by the kernel light skeleton directly.
Reported-by: YiFei Zhu <zhuyifei@google.com>
Fixes: b1d18a7574d0 ("bpf: Extend sys_bpf commands for bpf_syscall programs.")
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/lib/bpf/skel_internal.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/tools/lib/bpf/skel_internal.h b/tools/lib/bpf/skel_internal.h index bd6f4505e7b1..70adf7b119b9 100644 --- a/tools/lib/bpf/skel_internal.h +++ b/tools/lib/bpf/skel_internal.h @@ -66,13 +66,13 @@ struct bpf_load_and_run_opts { const char *errstr; }; -long bpf_sys_bpf(__u32 cmd, void *attr, __u32 attr_size); +long kern_sys_bpf(__u32 cmd, void *attr, __u32 attr_size); static inline int skel_sys_bpf(enum bpf_cmd cmd, union bpf_attr *attr, unsigned int size) { #ifdef __KERNEL__ - return bpf_sys_bpf(cmd, attr, size); + return kern_sys_bpf(cmd, attr, size); #else return syscall(__NR_bpf, cmd, attr, size); #endif |