[dpdk-stable] patch 'bpf: fix check array size' has been queued to LTS release 18.11.3

Kevin Traynor ktraynor at redhat.com
Fri Aug 23 11:43:01 CEST 2019

Previous message: [dpdk-stable] patch 'bus/vmbus: skip non-network devices' has been queued to LTS release 18.11.3
Next message: [dpdk-stable] patch 'eal: hide internal hotplug function' has been queued to LTS release 18.11.3
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to LTS release 18.11.3

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 08/28/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable-queue

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable-queue/commit/d606af604d40a0da9cb44406a0068729e707cfd3

Thanks.

Kevin Traynor

---
>From d606af604d40a0da9cb44406a0068729e707cfd3 Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev at intel.com>
Date: Fri, 21 Jun 2019 15:26:49 +0100
Subject: [PATCH] bpf: fix check array size

[ upstream commit 28b2d3d112e2bde5264921d8feca89e2e5708a87 ]

Array ins_chk in lib/librte_bpf/bpf_validate.c has 255 entries.
So the instruction with opcode == 255 will reading beyond array
boundaries.
For more details please refer to:
https://bugs.dpdk.org/show_bug.cgi?id=283

Fixes: 6e12ec4c4d6d ("bpf: add more checks")

Reported-by: Michel Machado <michel at digirati.com.br>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev at intel.com>
---
 lib/librte_bpf/bpf_validate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_bpf/bpf_validate.c b/lib/librte_bpf/bpf_validate.c
index 83983efc4..d0e683b5b 100644
--- a/lib/librte_bpf/bpf_validate.c
+++ b/lib/librte_bpf/bpf_validate.c
@@ -1085,5 +1085,5 @@ eval_jcc(struct bpf_verifier *bvf, const struct ebpf_insn *ins)
  * validate parameters for each instruction type.
  */
-static const struct bpf_ins_check ins_chk[UINT8_MAX] = {
+static const struct bpf_ins_check ins_chk[UINT8_MAX + 1] = {
 	/* ALU IMM 32-bit instructions */
 	[(BPF_ALU | BPF_ADD | BPF_K)] = {
-- 
2.20.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-08-22 19:38:21.191143492 +0100
+++ 0011-bpf-fix-check-array-size.patch	2019-08-22 19:38:20.403027690 +0100
@@ -1 +1 @@
-From 28b2d3d112e2bde5264921d8feca89e2e5708a87 Mon Sep 17 00:00:00 2001
+From d606af604d40a0da9cb44406a0068729e707cfd3 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 28b2d3d112e2bde5264921d8feca89e2e5708a87 ]
+
@@ -13 +14,0 @@
-Cc: stable at dpdk.org

Previous message: [dpdk-stable] patch 'bus/vmbus: skip non-network devices' has been queued to LTS release 18.11.3
Next message: [dpdk-stable] patch 'eal: hide internal hotplug function' has been queued to LTS release 18.11.3
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list