github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

ANDROID: arm64: bpf: implement arch_bpf_jit_check_func

Browse Source 
Implement arch_bpf_jit_check_func to check that pointers to jited BPF
functions are correctly aligned and point to the BPF JIT region. This
narrows down the attack surface on the stored pointer.

Bug: 145210207
Change-Id: I1c2c9365662437f9a4178b873859576028468ea6
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This commit is contained in:
Sami Tolvanen 2019-09-04 14:56:40 -07:00 committed by Alistair Delva
parent 788bbf4f26
commit d9756ba082
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
arch/arm64/net/bpf_jit_comp.c
View File

@ -976,3 +976,14 @@ void bpf_jit_free_exec(void *addr)
{
return vfree(addr);
}
#ifdef CONFIG_CFI_CLANG
bool arch_bpf_jit_check_func(const struct bpf_prog *prog)
{
const uintptr_t func = (const uintptr_t)prog->bpf_func;
/* bpf_func must be correctly aligned and within the BPF JIT region */
return (func >= BPF_JIT_REGION_START && func < BPF_JIT_REGION_END &&
IS_ALIGNED(func, sizeof(u32)));
}
#endif