mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/kernel/bpf
History
Stanislav Fomichev b34bbc7665 bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE 
[ Upstream commit 543576ec15 ]

bpf_prog_attach uses attach_type_to_prog_type to enforce proper
attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses
bpf_prog_get and relies on bpf_prog_attach_check_attach_type
to properly verify prog_type <> attach_type association.

Add missing attach_type enforcement for the link_create case.
Otherwise, it's currently possible to attach cgroup_skb prog
types to other cgroup hooks.

Fixes: af6eea5743 ("bpf: Implement bpf_link-based cgroup BPF program attachment")
Link: https://lore.kernel.org/bpf/0000000000004792a90615a1dde0@google.com/
Reported-by: syzbot+838346b979830606c854@syzkaller.appspotmail.com
Signed-off-by: Stanislav Fomichev <sdf@google.com>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Link: https://lore.kernel.org/r/20240426231621.2716876-2-sdf@google.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2024-05-30 09:44:28 +02:00
..
preload
Kconfig bpf: Merge two CONFIG_BPF entries 2024-02-07 16:38:20 -08:00
Makefile kbuild: make -Woverride-init warnings more consistent 2024-03-31 11:32:26 +09:00
arena.c bpf: Clarify bpf_arena comments. 2024-03-15 14:23:45 -07:00
arraymap.c bpf: Consistently use BPF token throughout BPF verifier logic 2024-01-24 16:21:01 -08:00
bloom_filter.c bpf: Check bloom filter map value size 2024-03-27 09:56:17 -07:00
bpf_cgrp_storage.c bpf: Enable bpf_cgrp_storage for cgroup1 non-attach case 2023-12-08 17:08:18 -08:00
bpf_inode_storage.c
bpf_iter.c bpf: move sleepable flag from bpf_prog_aux to bpf_prog 2024-03-11 16:41:25 -07:00
bpf_local_storage.c bpf: Allow compiler to inline most of bpf_local_storage_lookup() 2024-02-11 14:06:24 -08:00
bpf_lru_list.c
bpf_lru_list.h
bpf_lsm.c bpf: Minor clean-up to sleepable_lsm_hooks BTF set 2024-02-01 18:37:45 +01:00
bpf_struct_ops.c bpf: struct_ops supports more than one page for trampolines. 2024-03-04 14:09:20 -08:00
bpf_task_storage.c
btf.c bpf: Recognize btf_decl_tag("arg: Arena") as PTR_TO_ARENA. 2024-03-11 15:37:24 -07:00
cgroup.c net: adopt skb_network_offset() and similar helpers 2024-03-04 08:47:06 +00:00
cgroup_iter.c
core.c bpf: verifier: prevent userspace memory access 2024-04-26 09:45:18 -07:00
cpumap.c bpf: report RCU QS in cpumap kthread 2024-03-20 21:05:43 -07:00
cpumask.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
devmap.c bpf: Fix DEVMAP_HASH overflow check on 32-bit arches 2024-03-07 20:02:38 -08:00
disasm.c bpf: Disasm support for addr_space_cast instruction. 2024-03-11 15:37:24 -07:00
disasm.h
dispatcher.c bpf: Use arch_bpf_trampoline_size 2023-12-06 17:17:20 -08:00
hashtab.c bpf: Fix hashtab overflow check on 32-bit arches 2024-03-07 20:05:56 -08:00
helpers.c bpf: fix warning for crash_kexec 2024-03-27 08:52:24 -07:00
inode.c bpf: Support symbolic BPF FS delegation mount options 2024-01-24 16:21:02 -08:00
link_iter.c
local_storage.c
log.c bpf: Recognize addr_space_cast instruction in the verifier. 2024-03-11 15:37:24 -07:00
lpm_trie.c bpf: Replace bpf_lpm_trie_key 0-length array with flexible array 2024-02-29 22:52:43 +01:00
map_in_map.c
map_in_map.h
map_iter.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
memalloc.c bpf: Remove unnecessary cpu == 0 check in memalloc 2024-01-04 10:18:14 -08:00
mmap_unlock_work.h
mprog.c
net_namespace.c
offload.c
percpu_freelist.c
percpu_freelist.h
prog_iter.c
queue_stack_maps.c
reuseport_array.c
ringbuf.c
stackmap.c bpf: Fix stackmap overflow check on 32-bit arches 2024-03-07 20:06:25 -08:00
syscall.c bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE 2024-05-30 09:44:28 +02:00
sysfs_btf.c
task_iter.c bpf: Fix an issue due to uninitialized bpf_iter_task 2024-02-19 12:28:15 +01:00
tcx.c
tnum.c
token.c bpf,token: Use BIT_ULL() to convert the bit mask 2024-01-29 20:04:55 -08:00
trampoline.c bpf: move sleepable flag from bpf_prog_aux to bpf_prog 2024-03-11 16:41:25 -07:00
verifier.c bpf: Fix verifier assumptions about socket->sk 2024-05-30 09:44:27 +02:00