From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 846E445804 for ; Fri, 23 Aug 2024 18:21:49 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7D96F4337E; Fri, 23 Aug 2024 18:21:49 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id 7556940295 for ; Fri, 23 Aug 2024 18:21:48 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1724430108; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ULZQxwFsFkTR2LoCDiS2J3IUijOMjlBZMNax0iSxQyU=; b=gRk/H7AFNGhLhpIgEMnzPi7qUNjkd4gUnx7yaBhTO+qX+aL0zdN6EHa704+J5UdwHxD/tj V6P5A1YpUiO18tZ62a2X1RRMUtq8uefJclVpH5Dny+b34h2m6YcgAJ0OVCEh+UuBRqFvBb /pu24qziqtRJGppwkbnlxaAoH90HFLg= Received: from mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-646-pfTnDZpgPqOWrD9UeWoVew-1; Fri, 23 Aug 2024 12:21:42 -0400 X-MC-Unique: pfTnDZpgPqOWrD9UeWoVew-1 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id AEC611955D52; Fri, 23 Aug 2024 16:21:41 +0000 (UTC) Received: from rh.redhat.com (unknown [10.39.193.224]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id E948E1956053; Fri, 23 Aug 2024 16:21:39 +0000 (UTC) From: Kevin Traynor To: Konstantin Ananyev Cc: =?UTF-8?q?Morten=20Br=C3=B8rup?= , dpdk stable Subject: patch 'bpf: fix MOV instruction evaluation' has been queued to stable release 21.11.8 Date: Fri, 23 Aug 2024 17:18:05 +0100 Message-ID: <20240823161929.1004778-57-ktraynor@redhat.com> In-Reply-To: <20240823161929.1004778-1-ktraynor@redhat.com> References: <20240823161929.1004778-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 21.11.8 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 08/28/24. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/89a1505c5a6572d2e612c23dd2070889cebd17ab Thanks. Kevin --- >From 89a1505c5a6572d2e612c23dd2070889cebd17ab Mon Sep 17 00:00:00 2001 From: Konstantin Ananyev Date: Thu, 27 Jun 2024 19:04:40 +0100 Subject: [PATCH] bpf: fix MOV instruction evaluation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [ upstream commit 3eef64655bfe3602f4e3235e2533932205f24569 ] Verifier might left some register-state values uninitialized while evaluating MOV instructions. Add explicit initialization. Fixes: 8021917293d0 ("bpf: add extra validation for input BPF program") Signed-off-by: Konstantin Ananyev Acked-by: Morten Brørup --- lib/bpf/bpf_validate.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/bpf/bpf_validate.c b/lib/bpf/bpf_validate.c index 09331258eb..81bede3701 100644 --- a/lib/bpf/bpf_validate.c +++ b/lib/bpf/bpf_validate.c @@ -639,12 +639,12 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins) uint64_t msk; uint32_t op; - size_t opsz; + size_t opsz, sz; const char *err; struct bpf_eval_state *st; struct bpf_reg_val *rd, rs; - opsz = (BPF_CLASS(ins->code) == BPF_ALU) ? + sz = (BPF_CLASS(ins->code) == BPF_ALU) ? sizeof(uint32_t) : sizeof(uint64_t); - opsz = opsz * CHAR_BIT; + opsz = sz * CHAR_BIT; msk = RTE_LEN2MASK(opsz, uint64_t); @@ -655,6 +655,8 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins) rs = st->rv[ins->src_reg]; eval_apply_mask(&rs, msk); - } else + } else { + rs = (struct bpf_reg_val){.v = {.size = sz,},}; eval_fill_imm(&rs, msk, ins->imm); + } eval_apply_mask(rd, msk); -- 2.46.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2024-08-23 17:18:11.577569779 +0100 +++ 0057-bpf-fix-MOV-instruction-evaluation.patch 2024-08-23 17:18:09.721430109 +0100 @@ -1 +1 @@ -From 3eef64655bfe3602f4e3235e2533932205f24569 Mon Sep 17 00:00:00 2001 +From 89a1505c5a6572d2e612c23dd2070889cebd17ab Mon Sep 17 00:00:00 2001 @@ -8,0 +9,2 @@ +[ upstream commit 3eef64655bfe3602f4e3235e2533932205f24569 ] + @@ -14 +15,0 @@ -Cc: stable@dpdk.org @@ -23 +24 @@ -index 79be5e917d..11344fff4d 100644 +index 09331258eb..81bede3701 100644 @@ -26 +27 @@ -@@ -637,12 +637,12 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins) +@@ -639,12 +639,12 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins) @@ -42 +43 @@ -@@ -653,6 +653,8 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins) +@@ -655,6 +655,8 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins)