Merge branch 'bpf, sockmap: Fix infinite recursion in sock_map_close' - lwn.git - Linux kernel documentation tree maintained by Jonathan Corbet

diff options

author	Alexei Starovoitov <ast@kernel.org>	2023-01-24 21:32:55 -0800
committer	Alexei Starovoitov <ast@kernel.org>	2023-01-24 21:32:55 -0800
commit	e8c8fd9b8393d7064152c8806f5ac446d760a23e (patch)
tree	16556640aaa91c3da3674977e4519f224d758e4d /kernel/bpf/bpf_lsm.c
parent	74bc3a5acc82f020d2e126f56c535d02d1e74e37 (diff)
parent	c88ea16a8f892bce3bfb3f6a0d91b2bb27df8f59 (diff)
download	lwn-e8c8fd9b8393d7064152c8806f5ac446d760a23e.tar.gz lwn-e8c8fd9b8393d7064152c8806f5ac446d760a23e.zip

Merge branch 'bpf, sockmap: Fix infinite recursion in sock_map_close'

Jakub Sitnicki says: ==================== This patch set addresses the syzbot report in [1]. Patch #1 has been suggested by Eric [2]. I extended it to cover the rest of sock_map proto callbacks. Otherwise we would still overflow the stack. Patch #2 contains the actual fix and bug analysis. Patches #3 & #4 add coverage to selftests to trigger the bug. [1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/ [2] https://lore.kernel.org/all/CANn89iK2UN1FmdUcH12fv_xiZkv2G+Nskvmq7fG6aA_6VKRf6g@mail.gmail.com/ --- v1 -> v2: v1: https://lore.kernel.org/r/20230113-sockmap-fix-v1-0-d3cad092ee10@cloudflare.com [v1 didn't hit bpf@ ML by mistake] * pull in Eric's patch to protect against recursion loop bugs (Eric) * add a macro helper to check if pointer is inside a memory range (Eric) ==================== Signed-off-by: Alexei Starovoitov <ast@kernel.org>

Diffstat (limited to 'kernel/bpf/bpf_lsm.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: