Hi Jiri,
On 01/12/2018 05:17 PM, Jiri Slaby wrote:
Hi,
this is a backport of these patches which I did for our kernels:
Thanks for doing! One comment below:
c237ee5eb33b bpf: add bpf_patch_insn_single helper 3df126f35f88 bpf: don't (ab)use instructions to store state e245c5c6a565 bpf: move fixup_bpf_calls() function 79741b3bdec0 bpf: refactor fixup_bpf_calls() 8041902dae52 bpf: adjust insn_aux_data when patching insns b2157399cc98 bpf: prevent out-of-bounds speculation
I offer it here for use in stable 4.4, if there is no better/simpler backport available yet.
Alexei Starovoitov (4): bpf: move fixup_bpf_calls() function bpf: refactor fixup_bpf_calls() bpf: adjust insn_aux_data when patching insns bpf: prevent out-of-bounds speculation
Please note that this still needs a fix [0] in addition. It's in bpf tree [1] and we'll get this out today to DaveM as a pull-req today, and hopefully it wouldn't take too long to land in Linus' tree from there again, sorry for the inconvenience. Once that landed we can move this into 4.4.
[0] https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=bbeb6... [1] https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/
Daniel Borkmann (1): bpf: add bpf_patch_insn_single helper
Jakub Kicinski (1): bpf: don't (ab)use instructions to store state
include/linux/bpf.h | 2 + include/linux/filter.h | 3 + kernel/bpf/arraymap.c | 24 ++++-- kernel/bpf/core.c | 71 ++++++++++++++++ kernel/bpf/syscall.c | 54 ------------ kernel/bpf/verifier.c | 217 +++++++++++++++++++++++++++++++++++-------------- 6 files changed, 252 insertions(+), 119 deletions(-)