linux-stable/kernel/bpf
Bui Quang Minh f6f1d19114 bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
commit 7dd5d437c2 upstream.

In 32-bit architecture, the result of sizeof() is a 32-bit integer so
the expression becomes the multiplication between 2 32-bit integer which
can potentially leads to integer overflow. As a result,
bpf_map_area_alloc() allocates less memory than needed.

Fix this by casting 1 operand to u64.

Fixes: 0d2c4f9640 ("bpf: Eliminate rlimit-based memory accounting for sockmap and sockhash maps")
Fixes: 99c51064fb ("devmap: Use bpf_map_area_alloc() for allocating hash buckets")
Fixes: 546ac1ffb7 ("bpf: add devmap, a map for storing net device references")
Signed-off-by: Bui Quang Minh <minhquangbui99@gmail.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20210613143440.71975-1-minhquangbui99@gmail.com
Signed-off-by: Connor O'Brien <connoro@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-12-17 10:12:24 +01:00
..
arraymap.c
bpf_lru_list.c bpf_lru_list: Read double-checked variable once without lock 2021-03-04 10:26:16 +01:00
bpf_lru_list.h
btf.c bpf: Explicitly memset some bpf info structures declared on the stack 2020-04-02 15:11:01 +02:00
cgroup.c bpf, cgroup: Fix problematic bounds check 2021-02-10 09:25:27 +01:00
core.c bpf: Prevent increasing bpf_jit_limit above max 2021-11-17 09:48:20 +01:00
cpumap.c cpumap: Avoid warning when CONFIG_DEBUG_PER_CPU_MAPS is enabled 2020-05-02 08:48:51 +02:00
devmap.c bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc 2021-12-17 10:12:24 +01:00
disasm.c bpf: Introduce BPF nospec instruction for mitigating Spectre v4 2021-09-15 09:47:38 +02:00
disasm.h
hashtab.c bpf: Zero-fill re-used per-cpu map element 2020-11-18 19:20:26 +01:00
helpers.c bpf: Fix helper bpf_map_peek_elem_proto pointing to wrong callback 2021-01-23 15:57:56 +01:00
inode.c bpf: Fix a rcu warning for bpffs map pretty-print 2020-10-01 13:18:19 +02:00
local_storage.c
lpm_trie.c
Makefile bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE 2020-11-18 19:20:26 +01:00
map_in_map.c
map_in_map.h
offload.c bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill 2020-02-28 17:22:27 +01:00
percpu_freelist.c
percpu_freelist.h
queue_stack_maps.c
reuseport_array.c
stackmap.c bpf: Fix integer overflow in prealloc_elems_and_freelist() 2021-10-13 10:08:18 +02:00
syscall.c bpf: sockmap: Require attach_bpf_fd when detaching a program 2020-08-07 09:34:02 +02:00
sysfs_btf.c bpf: Fix sysfs export of empty BTF section 2020-10-14 10:32:58 +02:00
tnum.c bpf: Fix incorrect verifier simulation of ARSH under ALU32 2020-01-23 08:22:44 +01:00
verifier.c bpf: Fix the off-by-two error in range markings 2021-12-14 14:48:59 +01:00
xskmap.c