Daniel Borkmann faa74a862a bpf: reject stores into ctx via st and xadd ... [ upstream commit f37a8cb84c ] Alexei found that verifier does not reject stores into context via BPF_ST instead of BPF_STX. And while looking at it, we also should not allow XADD variant of BPF_STX. The context rewriter is only assuming either BPF_LDX_MEM- or BPF_STX_MEM-type operations, thus reject anything other than that so that assumptions in the rewriter properly hold. Add test cases as well for BPF selftests. Fixes: d691f9e8d4 ("bpf: allow programs to write to certain skb fields") Reported-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2018-02-03 17:04:25 +01:00
..
bpf	bpf: reject stores into ctx via st and xadd	2018-02-03 17:04:25 +01:00
configs	kconfig: tinyconfig: provide whole choice blocks to avoid warnings	2016-09-24 10:07:42 +02:00
debug	kdb: Fix handling of kallsyms_symbol_next() return value	2017-12-16 10:33:49 +01:00
events	bpf: one perf event close won't free bpf program attached by another perf event	2017-10-21 17:09:02 +02:00
gcov	gcov: disable for COMPILE_TEST	2018-01-23 19:50:10 +01:00
irq	genirq: Release resources in __setup_irq() error path	2017-06-26 07:13:10 +02:00
livepatch
locking	locking/mutex: Allow next waiter lockless wakeup	2018-01-17 09:35:27 +01:00
power	sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs	2017-10-12 11:27:35 +02:00
printk	printk: use rcuidle console tracepoint	2017-02-23 17:43:10 +01:00
rcu	rcu: Allow for page faults in NMI handlers	2017-10-18 09:20:41 +02:00
sched	sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks	2018-01-31 12:06:07 +01:00
time	hrtimer: Reset hrtimer cpu base proper on CPU hotplug	2018-01-31 12:06:12 +01:00
trace	tracing: Fix converting enum's from the map in trace_event_eval_update()	2018-01-23 19:50:16 +01:00
.gitignore
acct.c	kernel/acct.c: fix the acct->needcheck check in check_free_space()	2018-01-10 09:27:08 +01:00
async.c
audit_fsnotify.c
audit_tree.c
audit_watch.c	audit: Fix use after free in audit_remove_watch_rule()	2017-08-24 17:02:35 -07:00
audit.c	audit: ensure that 'audit=1' actually enables audit for PID 1	2017-12-16 10:33:56 +01:00
audit.h
auditfilter.c
auditsc.c	audit: fix a double fetch in audit_log_single_execve_arg()	2016-08-20 18:09:22 +02:00
backtracetest.c
bounds.c
capability.c	exec: Ensure mm->user_ns contains the execed files	2017-01-06 11:16:14 +01:00
cgroup_freezer.c
cgroup_pids.c
cgroup.c	cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups	2017-04-21 09:30:04 +02:00
compat.c
configs.c
context_tracking.c
cpu_pm.c
cpu.c	stable-fixup: hotplug: fix unused function warning	2017-01-12 11:22:48 +01:00
cpuset.c	sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs	2017-10-12 11:27:35 +02:00
crash_dump.c
cred.c	cred: Reject inodes with invalid ids in set_create_file_as()	2016-09-15 08:27:49 +02:00
delayacct.c
dma.c
elfcore.c
exec_domain.c
exit.c
extable.c	kernel/extable.c: mark core_kernel_text notrace	2017-07-21 07:44:56 +02:00
fork.c	kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE	2018-01-05 15:44:23 +01:00
freezer.c
futex_compat.c
futex.c	futex: Prevent overflow by strengthen input validation	2018-01-23 19:50:14 +01:00
groups.c	kernel: make groups_sort calling a responsibility group_info allocators	2018-01-10 09:27:10 +01:00
hung_task.c
irq_work.c
jump_label.c	jump_label: Invoke jump_label_test() via early_initcall()	2017-12-16 10:33:55 +01:00
kallsyms.c
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kexec_core.c
kexec_file.c	kexec: fix double-free when failing to relocate the purgatory	2016-09-24 10:07:36 +02:00
kexec_internal.h
kexec.c
kmod.c
kprobes.c	tracing/kprobes: Enforce kprobes teardown after testing	2017-05-25 14:30:17 +02:00
ksysfs.c
kthread.c	cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups	2017-04-21 09:30:04 +02:00
latencytop.c
Makefile
membarrier.c	Fix: Disable sys_membarrier when nohz_full is enabled	2017-03-12 06:37:26 +01:00
memremap.c	mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done}	2017-01-19 20:17:18 +01:00
module_signing.c
module-internal.h
module.c	module: Issue warnings when tainting kernel	2018-01-10 09:27:14 +01:00
notifier.c
nsproxy.c
padata.c	padata: free correct variable	2017-05-20 14:27:02 +02:00
panic.c	kernel/panic.c: add missing \n	2017-07-05 14:37:19 +02:00
params.c
pid_namespace.c	pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes	2017-05-25 14:30:11 +02:00
pid.c	pids: make task_tgid_nr_ns() safe	2017-08-24 17:02:36 -07:00
profile.c
ptrace.c	ptrace: Properly initialize ptracer_cred on fork	2017-06-14 13:16:20 +02:00
range.c
reboot.c
relay.c
resource.c	/proc/iomem: only expose physical resource addresses to privileged users	2017-08-06 19:19:42 -07:00
seccomp.c	seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()	2017-10-05 09:41:46 +02:00
signal.c	kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()	2018-01-10 09:27:11 +01:00
smp.c
smpboot.c
smpboot.h
softirq.c
stacktrace.c
stop_machine.c
sys_ni.c
sys.c
sysctl_binary.c
sysctl.c	timer/sysclt: Restrict timer migration sysctl values to 0 and 1	2017-10-05 09:41:47 +02:00
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c
tsacct.c
uid16.c	kernel: make groups_sort calling a responsibility group_info allocators	2018-01-10 09:27:10 +01:00
up.c
user_namespace.c
user-return-notifier.c
user.c
utsname_sysctl.c
utsname.c
watchdog.c	kernel/watchdog: use nmi registers snapshot in hardlockup handler	2017-01-06 11:16:16 +01:00
workqueue_internal.h	workqueue: Fix NULL pointer dereference	2017-11-15 17:13:11 +01:00
workqueue.c	workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq	2017-12-16 10:33:52 +01:00