[{"id":1798035,"web_url":"http://patchwork.ozlabs.org/comment/1798035/","msgid":"<20171102155945.vvrrugvhrgdvvkso@ast-mbp>","list_archive_url":null,"date":"2017-11-02T15:59:47","subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","submitter":{"id":42586,"url":"http://patchwork.ozlabs.org/api/people/42586/","name":"Alexei Starovoitov","email":"alexei.starovoitov@gmail.com"},"content":"On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote:\n> The bpf_verifer_ops array is generated dynamically and may be\n> empty depending on configuration, which then causes an out\n> of bounds access:\n> \n> kernel/bpf/verifier.c: In function 'bpf_check':\n> kernel/bpf/verifier.c:4320:29: error: array subscript is above array bounds [-Werror=array-bounds]\n> \n> This adds a check to the start of the function as a workaround.\n> I would assume that the function is never called in that configuration,\n> so the warning is probably harmless.\n> \n> Fixes: 00176a34d9e2 (\"bpf: remove the verifier ops from program structure\")\n> Signed-off-by: Arnd Bergmann \n> ---\n> Since there hasn't been a linux-next release in two weeks, I'm not\n> entirely sure this is still needed, but from looking of the net-next\n> contents it seems it is. I did not check any other trees that might\n> have a fix already.\n> ---\n> kernel/bpf/verifier.c | 4 ++++\n> 1 file changed, 4 insertions(+)\n> \n> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c\n> index 750aff880ecb..debb60ad08ee 100644\n> --- a/kernel/bpf/verifier.c\n> +++ b/kernel/bpf/verifier.c\n> @@ -4447,6 +4447,10 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr)\n> \tstruct bpf_verifer_log *log;\n> \tint ret = -EINVAL;\n> \n> +\t/* no program is valid */\n> +\tif (ARRAY_SIZE(bpf_verifier_ops) == 0)\n> +\t\treturn -EINVAL;\n\nsorry I don't see how bpf_verifier_ops can be empty.\nDid you mix it up with your previous patch when you made bpf_analyzer_ops empty?","headers":{"Return-Path":"","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=)","ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"N6LQSenv\"; dkim-atps=neutral"],"Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3ySVCn3TRGz9t2r\n\tfor ;\n\tFri, 3 Nov 2017 03:00:05 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S933933AbdKBP7x (ORCPT );\n\tThu, 2 Nov 2017 11:59:53 -0400","from mail-pg0-f65.google.com ([74.125.83.65]:44054 \"EHLO\n\tmail-pg0-f65.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S932280AbdKBP7w (ORCPT\n\t); Thu, 2 Nov 2017 11:59:52 -0400","by mail-pg0-f65.google.com with SMTP id j3so2836pga.1;\n\tThu, 02 Nov 2017 08:59:52 -0700 (PDT)","from ast-mbp ([2620:10d:c090:180::1:a530])\n\tby smtp.gmail.com with ESMTPSA id\n\tj12sm7490286pfe.160.2017.11.02.08.59.49\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tThu, 02 Nov 2017 08:59:50 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=gmail.com; s=20161025;\n\th=date:from:to:cc:subject:message-id:references:mime-version\n\t:content-disposition:in-reply-to:user-agent;\n\tbh=vs5pl/KWHTAtZeVkEabqEjv1l5tCEazn+FRaweU3qAA=;\n\tb=N6LQSenvkzAKnHZWpA25wwxdvR6Z/+B0m3AJnNPvs9B8aDqlCP73ZGJlOrlwgbQfFg\n\t89DOMKFM0w5tHkvVXAH9n5EpYz/OotmdqEE7VBh5GmmQAeICayThZwshjc+yjzlmqAgn\n\tzI+6wr/UtNScUuOKRSbKZ6PP8RnyaMp1H/WxQ6oa9pmnh/OMf97Kz3a3dz8oZhE0FxLI\n\tv6da9AcmYDxVDlnwBMhrPPLJ1E0a7xJc9BNN6FsA4NV54YdusChDPhZNU+2KYVR1n2gb\n\t0ZCA/wYNU5weuLfQb+W9FNUtuCsn4E35d45x3xeN93arNXEUSqAPc8hrfSvh9keC1d/R\n\t5ZAQ==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:date:from:to:cc:subject:message-id:references\n\t:mime-version:content-disposition:in-reply-to:user-agent;\n\tbh=vs5pl/KWHTAtZeVkEabqEjv1l5tCEazn+FRaweU3qAA=;\n\tb=qM8i3wp/o+Y1/i8H3Y2Z9qzoo11+CdNNIFtoA3SKJoow9w3VoyN6ehTaMzNCIifWZn\n\t4dpa7Rfhtwj90spGN8EXzphoKXG2N1X4vtQXyMZZGSG0Gn97Q1hjP0Si/vu8Z22d+fVC\n\t2EFNsmTfy/01BQDHIa7DjQ9w7M1w9oEtFH+Wh3rPhNgCOsYoJglTRCr7u5omrSO6tjvk\n\tXmqowDXllOwInKotzw57UrBsqyJWWjVKhEHtqG0qGFcH25x31P4QSTl84dzuf7JVv+ZT\n\tAu7ZfYy3G5dVqElxQEjowMYHdCX8cH0mbE7gl2GqJ6Dg2/4x9ZJ4v5yT3Z5wKJUXuppY\n\tquOg==","X-Gm-Message-State":"AMCzsaVOrHlXT7H7/SP+ewhdcoz9uwXKSSDbUgIQf1ZE0QvRGpdI0Vza\n\tnhs04V2CfRCTf3N3DdT5ph4=","X-Google-Smtp-Source":"ABhQp+RtGBxFzwWtf/icSgr6yDJaGyWnivZvz3X9j7QiNp1iSVjyPZvSWCe11stapUYj+XeEsbEEKg==","X-Received":"by 10.99.128.199 with SMTP id j190mr4055297pgd.145.1509638391583;\n\tThu, 02 Nov 2017 08:59:51 -0700 (PDT)","Date":"Thu, 2 Nov 2017 08:59:47 -0700","From":"Alexei Starovoitov ","To":"Arnd Bergmann ","Cc":"Alexei Starovoitov ,\n\tDaniel Borkmann ,\n\t\"David S. Miller\" ,\n\tEdward Cree ,\n\tJohn Fastabend ,\n\tJakub Kicinski ,\n\tnetdev@vger.kernel.org, linux-kernel@vger.kernel.org","Subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","Message-ID":"<20171102155945.vvrrugvhrgdvvkso@ast-mbp>","References":"<20171102110558.2746221-1-arnd@arndb.de>\n\t<20171102110558.2746221-2-arnd@arndb.de>","MIME-Version":"1.0","Content-Type":"text/plain; charset=us-ascii","Content-Disposition":"inline","In-Reply-To":"<20171102110558.2746221-2-arnd@arndb.de>","User-Agent":"NeoMutt/20170421 (1.8.2)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"","X-Mailing-List":"netdev@vger.kernel.org"}},{"id":1798057,"web_url":"http://patchwork.ozlabs.org/comment/1798057/","msgid":"","list_archive_url":null,"date":"2017-11-02T16:14:00","subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","submitter":{"id":30,"url":"http://patchwork.ozlabs.org/api/people/30/","name":"Arnd Bergmann","email":"arnd@arndb.de"},"content":"On Thu, Nov 2, 2017 at 4:59 PM, Alexei Starovoitov\n wrote:\n> On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote:\n>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c\n>> index 750aff880ecb..debb60ad08ee 100644\n>> --- a/kernel/bpf/verifier.c\n>> +++ b/kernel/bpf/verifier.c\n>> @@ -4447,6 +4447,10 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr)\n>> struct bpf_verifer_log *log;\n>> int ret = -EINVAL;\n>>\n>> + /* no program is valid */\n>> + if (ARRAY_SIZE(bpf_verifier_ops) == 0)\n>> + return -EINVAL;\n>\n> sorry I don't see how bpf_verifier_ops can be empty.\n> Did you mix it up with your previous patch when you made bpf_analyzer_ops empty?\n\nI confused the two a couple of times while creating the patches, but\nI'm still fairly\nsure I got it right in the end:\n\nbpf_verifier_ops is an array that gets generated by including linux/bpf_types.h.\nThat file has two kinds of entries:\n\n- BPF_MAP_TYPE() entries are left out, as that macro is defined to an\nempty string\n here.\n\n- BPF_PROG_TYPE() entries are conditional depending on CONFIG_NET and\n CONFIG_BPF_EVENTS. In the configuration that produces the warning,\n both are disabled.\n\n Arnd","headers":{"Return-Path":"","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=)","ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"cXUWWkoE\"; dkim-atps=neutral"],"Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3ySVX64tQsz9t2r\n\tfor ;\n\tFri, 3 Nov 2017 03:14:14 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S934021AbdKBQOD (ORCPT );\n\tThu, 2 Nov 2017 12:14:03 -0400","from mail-ot0-f196.google.com ([74.125.82.196]:51724 \"EHLO\n\tmail-ot0-f196.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S933418AbdKBQOB (ORCPT\n\t); Thu, 2 Nov 2017 12:14:01 -0400","by mail-ot0-f196.google.com with SMTP id n74so27573ota.8;\n\tThu, 02 Nov 2017 09:14:01 -0700 (PDT)","by 10.157.28.152 with HTTP; Thu, 2 Nov 2017 09:14:00 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=gmail.com; s=20161025;\n\th=mime-version:sender:in-reply-to:references:from:date:message-id\n\t:subject:to:cc;\n\tbh=fhEQwmI/jIEYh2/NM1YWz6QhlOPz/YV7dl4CPsIyaFE=;\n\tb=cXUWWkoEaiLw4Y3veDZ4N0lX6Q33jrG+Fxe+Df8wnNz6Oc4s/Vv6av2j6gaOAXT7N4\n\t+EDEFEEceydXs/mspMSNXyQUeRhouXGYFGtabd+ayahZ6+jrO1HjLPmareNcHkI/HhpJ\n\tSv8w2L7lFtz3P/kZHlV1UMQ5JdZXO6P5UOD7Y5aWGe6bV75/9rxy5bwQctHp9y1Hzj6P\n\tp9WNKrcuf7VnH3y7Ztth1De4bNWpHkYy2xuSyCC+jZY2HQFQ9qCqb9sLZGd7ZiwpT4wa\n\t0pQAQaFjAw4QvkKQB1+7aDLu/Gjx5ZGPKwJwLjQ6QJC6CpG78zhVF5SvBY+Rlt/9NnJL\n\tM6Eg==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:mime-version:sender:in-reply-to:references:from\n\t:date:message-id:subject:to:cc;\n\tbh=fhEQwmI/jIEYh2/NM1YWz6QhlOPz/YV7dl4CPsIyaFE=;\n\tb=oHDPO+RNQDFVjNDIAFn8tb4YEA+B3ltO9hSGzXQD9+b6EEuQ7gSDlFMvPeVip1z35I\n\thW+5ThlEULltrt6/C/K5nOBvy7n1IykwaZ61TTnsnYyvvf4I3rfZGWQ1pAnbxOnoyj+D\n\ts4Oei9wqq6pXWKeENGZrnCEwQXKB5IJyDaNdc+cgvCnSilH6njQoZpdktahpN9Y5k/uX\n\tUkDIFJM4jjPrDvotu73vCDzUlnYa/+M0XX/h55E3f+VgZjvog5LgXq8BFQ8JQzXaIZCa\n\tgS54FIL2c52VxRL96+5OUz7W/XMdh2dlQCIWElJUKO0flI7Ow6AljqphD3qvptZ/+Bhq\n\troQw==","X-Gm-Message-State":"AJaThX5c1FgSCSE4bU3xISFqCyjERA5/3DAZ3PSPp38w/JgQYIh5ei4g\n\tBpU1Asd7r8lZVTLIqWXaVkLBzg0YMhtdeFI1rZtbOXay","X-Google-Smtp-Source":"ABhQp+QOqGOiptR4sK8drNgVBHvBu7NkTAdriNgwm6clZQnruuSMNIMGpzxTwkYSkntXb5ugPK0vbeN+3hl7BiklTw4=","X-Received":"by 10.157.16.5 with SMTP id h5mr2760631ote.320.1509639241217;\n\tThu, 02 Nov 2017 09:14:01 -0700 (PDT)","MIME-Version":"1.0","In-Reply-To":"<20171102155945.vvrrugvhrgdvvkso@ast-mbp>","References":"<20171102110558.2746221-1-arnd@arndb.de>\n\t<20171102110558.2746221-2-arnd@arndb.de>\n\t<20171102155945.vvrrugvhrgdvvkso@ast-mbp>","From":"Arnd Bergmann ","Date":"Thu, 2 Nov 2017 17:14:00 +0100","X-Google-Sender-Auth":"K1FMwJhNy47nqAQfVlKnolqcjJ0","Message-ID":"","Subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","To":"Alexei Starovoitov ","Cc":"Alexei Starovoitov ,\n\tDaniel Borkmann ,\n\t\"David S. Miller\" ,\n\tEdward Cree ,\n\tJohn Fastabend ,\n\tJakub Kicinski ,\n\tNetworking ,\n\tLinux Kernel Mailing List ","Content-Type":"text/plain; charset=\"UTF-8\"","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"","X-Mailing-List":"netdev@vger.kernel.org"}},{"id":1798147,"web_url":"http://patchwork.ozlabs.org/comment/1798147/","msgid":"<20171102105846.2609f1ec@cakuba.netronome.com>","list_archive_url":null,"date":"2017-11-02T17:58:46","subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","submitter":{"id":67484,"url":"http://patchwork.ozlabs.org/api/people/67484/","name":"Jakub Kicinski","email":"jakub.kicinski@netronome.com"},"content":"On Thu, 2 Nov 2017 17:14:00 +0100, Arnd Bergmann wrote:\n> On Thu, Nov 2, 2017 at 4:59 PM, Alexei Starovoitov wrote:\n> > On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote: \n> >> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c\n> >> index 750aff880ecb..debb60ad08ee 100644\n> >> --- a/kernel/bpf/verifier.c\n> >> +++ b/kernel/bpf/verifier.c\n> >> @@ -4447,6 +4447,10 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr)\n> >> struct bpf_verifer_log *log;\n> >> int ret = -EINVAL;\n> >>\n> >> + /* no program is valid */\n> >> + if (ARRAY_SIZE(bpf_verifier_ops) == 0)\n> >> + return -EINVAL; \n> >\n> > sorry I don't see how bpf_verifier_ops can be empty.\n> > Did you mix it up with your previous patch when you made bpf_analyzer_ops empty? \n> \n> I confused the two a couple of times while creating the patches, but\n> I'm still fairly\n> sure I got it right in the end:\n> \n> bpf_verifier_ops is an array that gets generated by including linux/bpf_types.h.\n> That file has two kinds of entries:\n> \n> - BPF_MAP_TYPE() entries are left out, as that macro is defined to an\n> empty string\n> here.\n> \n> - BPF_PROG_TYPE() entries are conditional depending on CONFIG_NET and\n> CONFIG_BPF_EVENTS. In the configuration that produces the warning,\n> both are disabled.\n\nRight. My preferred fix was to add a NULL entry to the table so it's\nnever empty, but this is OK too. Thanks!","headers":{"Return-Path":"","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=)","ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=netronome-com.20150623.gappssmtp.com\n\theader.i=@netronome-com.20150623.gappssmtp.com\n\theader.b=\"L++LRWsO\"; dkim-atps=neutral"],"Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3ySXs41T1lz9sNd\n\tfor ;\n\tFri, 3 Nov 2017 04:59:04 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S933307AbdKBR6w (ORCPT );\n\tThu, 2 Nov 2017 13:58:52 -0400","from mail-qt0-f194.google.com ([209.85.216.194]:53765 \"EHLO\n\tmail-qt0-f194.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S932534AbdKBR6u (ORCPT\n\t); Thu, 2 Nov 2017 13:58:50 -0400","by mail-qt0-f194.google.com with SMTP id n61so414513qte.10\n\tfor ; Thu, 02 Nov 2017 10:58:50 -0700 (PDT)","from cakuba.netronome.com ([75.53.12.129])\n\tby smtp.gmail.com with ESMTPSA id\n\tk7sm2383191qkf.45.2017.11.02.10.58.49\n\t(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);\n\tThu, 02 Nov 2017 10:58:50 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=netronome-com.20150623.gappssmtp.com; s=20150623;\n\th=date:from:to:cc:subject:message-id:in-reply-to:references\n\t:organization:mime-version:content-transfer-encoding;\n\tbh=15lBi8n9oIFWqJqVoy3jVEC6YY2/BGbuLgxGb5YVI04=;\n\tb=L++LRWsOsLZh9BCta1yyKGYAgs+yyEp503JOg+C7vVyu8m1Pmb2uGS3/YFn/BBlV92\n\tYTDJiMGuIP2Si7cBep43Y+IqAXA4MZmmFdne9YMHsV8h89zGzqt3Aw681SwyeJpTM1v1\n\tu/ylyUbPkR9LFV+w4XW275jJA48qf1DnJ1Q8ZftsZISmlZ8BAkK1Sd1es5CmL/KB3UV9\n\tp20UGjqiuiFDMHehp7VlRexFu0to9Ypa9z2UjmyucUom/09GwwesvdEY96X7Lb6iAcwD\n\tpLq/kc2c7cGitAS/slciSGJt3DWhQhHVgBKA2ulx9OcUByMcJwbbFq//E+i5l2U/o1YX\n\t1zHg==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to\n\t:references:organization:mime-version:content-transfer-encoding;\n\tbh=15lBi8n9oIFWqJqVoy3jVEC6YY2/BGbuLgxGb5YVI04=;\n\tb=C8bJHawVqNXQRyPyQVr0tWj73sw7YQZRQtQLIBIa5+iQw0i2HzfgkFZtbuYxsU7xt2\n\thi4USkom3T3QVexg0R6uZmH+HzJJepAowx3zch3UIMFehMdGSBeJnTDN1Ec+fMXmMnLD\n\t5NJVZMHsQgcQDhf12+L+trecMtztGS6fWWNxKtFxYExVP30x8oO84gSnrTjBeTb+bX+T\n\t/+cg+ZOXMRkbNwhe7lJnG/XmJuj51C2pZjbbs1nFv0/2MAX8nUDCkaE8LsCO5+q8n8Uq\n\t37E5MUA07zExE1gcjBz+nFan42WkO7966bhgVhj0T5rmW1/dYNlKtWgCZouits7yH7Vu\n\tdeoA==","X-Gm-Message-State":"AJaThX5k4QleUSyh7i0g6UcRPYCyARA6Ofmj/E32rdTVxbz4loyWk02O\n\tXyZguiRwsvG0Qt2ff5ay0fbKfg==","X-Google-Smtp-Source":"ABhQp+Q3fHGJ1Q/gvL7jUEpe+/3BlzWbhC4OlTymoIpo2M6Zf+STozKCMmvtnerdFtMM//Euwt5VyQ==","X-Received":"by 10.237.62.252 with SMTP id o57mr6150767qtf.144.1509645530317; \n\tThu, 02 Nov 2017 10:58:50 -0700 (PDT)","Date":"Thu, 2 Nov 2017 10:58:46 -0700","From":"Jakub Kicinski ","To":"Arnd Bergmann ","Cc":"Alexei Starovoitov ,\n\tAlexei Starovoitov ,\n\tDaniel Borkmann ,\n\t\"David S. Miller\" ,\n\tEdward Cree ,\n\tJohn Fastabend ,\n\tNetworking ,\n\tLinux Kernel Mailing List ","Subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","Message-ID":"<20171102105846.2609f1ec@cakuba.netronome.com>","In-Reply-To":"","References":"<20171102110558.2746221-1-arnd@arndb.de>\n\t<20171102110558.2746221-2-arnd@arndb.de>\n\t<20171102155945.vvrrugvhrgdvvkso@ast-mbp>\n\t","Organization":"Netronome Systems, Ltd.","MIME-Version":"1.0","Content-Type":"text/plain; charset=US-ASCII","Content-Transfer-Encoding":"7bit","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"","X-Mailing-List":"netdev@vger.kernel.org"}},{"id":1798186,"web_url":"http://patchwork.ozlabs.org/comment/1798186/","msgid":"<20171102184659.a2mtsr354dy22znn@ast-mbp>","list_archive_url":null,"date":"2017-11-02T18:47:01","subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","submitter":{"id":42586,"url":"http://patchwork.ozlabs.org/api/people/42586/","name":"Alexei Starovoitov","email":"alexei.starovoitov@gmail.com"},"content":"On Thu, Nov 02, 2017 at 05:14:00PM +0100, Arnd Bergmann wrote:\n> On Thu, Nov 2, 2017 at 4:59 PM, Alexei Starovoitov\n> wrote:\n> > On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote:\n> >> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c\n> >> index 750aff880ecb..debb60ad08ee 100644\n> >> --- a/kernel/bpf/verifier.c\n> >> +++ b/kernel/bpf/verifier.c\n> >> @@ -4447,6 +4447,10 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr)\n> >> struct bpf_verifer_log *log;\n> >> int ret = -EINVAL;\n> >>\n> >> + /* no program is valid */\n> >> + if (ARRAY_SIZE(bpf_verifier_ops) == 0)\n> >> + return -EINVAL;\n> >\n> > sorry I don't see how bpf_verifier_ops can be empty.\n> > Did you mix it up with your previous patch when you made bpf_analyzer_ops empty?\n> \n> I confused the two a couple of times while creating the patches, but\n> I'm still fairly\n> sure I got it right in the end:\n> \n> bpf_verifier_ops is an array that gets generated by including linux/bpf_types.h.\n> That file has two kinds of entries:\n> \n> - BPF_MAP_TYPE() entries are left out, as that macro is defined to an\n> empty string\n> here.\n> \n> - BPF_PROG_TYPE() entries are conditional depending on CONFIG_NET and\n> CONFIG_BPF_EVENTS. In the configuration that produces the warning,\n> both are disabled.\n\nI see. Didn't realize that it's possible to enable bpf syscall\nwithout networking and tracing support.\nI'm thinking whether it's better to disallow such uselss mode in kconfig,\nbut it's probably going to be convoluted.\nAbove if (ARRAY_SIZE(bpf_verifier_ops) == 0) will be optimized away\nby gcc in 99.9% of configs, so I guess that's fine, so:\nAcked-by: Alexei Starovoitov ","headers":{"Return-Path":"","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=)","ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"EeLOEoPs\"; dkim-atps=neutral"],"Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3ySYwj5Btqz9s81\n\tfor ;\n\tFri, 3 Nov 2017 05:47:17 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S934009AbdKBSrG (ORCPT );\n\tThu, 2 Nov 2017 14:47:06 -0400","from mail-pf0-f196.google.com ([209.85.192.196]:46631 \"EHLO\n\tmail-pf0-f196.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S932571AbdKBSrF (ORCPT\n\t); Thu, 2 Nov 2017 14:47:05 -0400","by mail-pf0-f196.google.com with SMTP id p87so341600pfj.3;\n\tThu, 02 Nov 2017 11:47:05 -0700 (PDT)","from ast-mbp ([2620:10d:c090:180::1:f1a0])\n\tby smtp.gmail.com with ESMTPSA id\n\tl189sm6547468pga.24.2017.11.02.11.47.03\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tThu, 02 Nov 2017 11:47:03 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=gmail.com; s=20161025;\n\th=date:from:to:cc:subject:message-id:references:mime-version\n\t:content-disposition:in-reply-to:user-agent;\n\tbh=/iLR//z/JEY4Ssm6LuNoIqIMiGjt8hpbtQsT0Au5T6w=;\n\tb=EeLOEoPsP88NZsQUlBJXENnFSsHO8pybNSIPJEQrkYy+I5HjlrncOaoeHMkuXDqeXm\n\tuUz8E4tgkEP2LT3/+h60MbG7UogddIGdnNk9DkIqtp4KJcJV4DY46vbpYewuX5Q1WWOb\n\taRXyFewZ2BhuHrGzxBe5AF27vULrcj3o2vwA/lI0iyd08VnNwFkvhYGycBDb2oskMDAO\n\tTZcCrRsU7VX8U9TngLD5OUvf73/hszggyuC6Uz0vUmWmAP9tjILGv7FXTY1gj9EgmjA7\n\t3UjhK+Um3aH1t+2eAkQ+o8qSyMm8fTWhudcEWhunH2/Heqs4Ykij9gKc02rMWMy7vmcm\n\tfihQ==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:date:from:to:cc:subject:message-id:references\n\t:mime-version:content-disposition:in-reply-to:user-agent;\n\tbh=/iLR//z/JEY4Ssm6LuNoIqIMiGjt8hpbtQsT0Au5T6w=;\n\tb=f7+uD8lA3eiFPCJOdpIxmL0F32GHWIC/pMqHjbCu3RZvvsTV24dQFSnI8f4W9fBfDK\n\tvXL2dmULKP5y4r1JDH1vN8gZQzErDP3dGNUCwSWg+HzGKSVBd5aV0vxH6vKZ8I523Aje\n\tEYTJGMJafYobKY4A3BetiP2yju7wmitCRZThoVkWOrBesh0oHWQddBcnCv/Nb8QEIcQk\n\tcCgizP9kDNAVZCp+pZYzE9npXgCvQS5vHrBv+qOtOk/GmfdUhi5zXOkxHBtu58xS0cnk\n\tr2Zaa7wsO8rfw2u+lWdvpZgKe5XR7Ni8n4qheJgWKrIuQQX5OlXtWWcsSFvXwknInY8d\n\t64UA==","X-Gm-Message-State":"AMCzsaXA3hJq6P1A3411/C1ODNzqHkE+szciYn77W9qisz47HPApjZ0S\n\tLCB8F45K0wzv5t08hffJADY=","X-Google-Smtp-Source":"ABhQp+SPLsUAIaW58TdnPydWnw+SuUeQiMjrotBciZ7UmSzWGqQRtw3opUYKFmYHIan0mlIpK7V+lg==","X-Received":"by 10.98.17.7 with SMTP id z7mr4906464pfi.206.1509648424676;\n\tThu, 02 Nov 2017 11:47:04 -0700 (PDT)","Date":"Thu, 2 Nov 2017 11:47:01 -0700","From":"Alexei Starovoitov ","To":"Arnd Bergmann ","Cc":"Alexei Starovoitov ,\n\tDaniel Borkmann ,\n\t\"David S. Miller\" ,\n\tEdward Cree ,\n\tJohn Fastabend ,\n\tJakub Kicinski ,\n\tNetworking ,\n\tLinux Kernel Mailing List ","Subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in\n\tbpf_check","Message-ID":"<20171102184659.a2mtsr354dy22znn@ast-mbp>","References":"<20171102110558.2746221-1-arnd@arndb.de>\n\t<20171102110558.2746221-2-arnd@arndb.de>\n\t<20171102155945.vvrrugvhrgdvvkso@ast-mbp>\n\t","MIME-Version":"1.0","Content-Type":"text/plain; charset=us-ascii","Content-Disposition":"inline","In-Reply-To":"","User-Agent":"NeoMutt/20170421 (1.8.2)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"","X-Mailing-List":"netdev@vger.kernel.org"}},{"id":1798322,"web_url":"http://patchwork.ozlabs.org/comment/1798322/","msgid":"<59FB9DAA.702@iogearbox.net>","list_archive_url":null,"date":"2017-11-02T22:35:22","subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning\n\tin bpf_check","submitter":{"id":65705,"url":"http://patchwork.ozlabs.org/api/people/65705/","name":"Daniel Borkmann","email":"daniel@iogearbox.net"},"content":"On 11/02/2017 12:05 PM, Arnd Bergmann wrote:\n> The bpf_verifer_ops array is generated dynamically and may be\n> empty depending on configuration, which then causes an out\n> of bounds access:\n>\n> kernel/bpf/verifier.c: In function 'bpf_check':\n> kernel/bpf/verifier.c:4320:29: error: array subscript is above array bounds [-Werror=array-bounds]\n>\n> This adds a check to the start of the function as a workaround.\n> I would assume that the function is never called in that configuration,\n> so the warning is probably harmless.\n>\n> Fixes: 00176a34d9e2 (\"bpf: remove the verifier ops from program structure\")\n> Signed-off-by: Arnd Bergmann \n\nAcked-by: Daniel Borkmann \n\nLGTM, and bpf_analyzer() already has proper logic to bail out for\nsuch cases (although only used by nfp right now, which is there\nwhen NET is configured anyway).","headers":{"Return-Path":"","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3ySg0G4DFLz9s9Y\n\tfor ;\n\tFri, 3 Nov 2017 09:35:42 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S934639AbdKBWfb (ORCPT );\n\tThu, 2 Nov 2017 18:35:31 -0400","from www62.your-server.de ([213.133.104.62]:38819 \"EHLO\n\twww62.your-server.de\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S932201AbdKBWfa (ORCPT\n\t); Thu, 2 Nov 2017 18:35:30 -0400","from [194.230.159.142] (helo=localhost.localdomain)\n\tby www62.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256)\n\t(Exim 4.85_2) (envelope-from )\n\tid 1eAO56-0002ev-4Q; Thu, 02 Nov 2017 23:35:24 +0100"],"Message-ID":"<59FB9DAA.702@iogearbox.net>","Date":"Thu, 02 Nov 2017 23:35:22 +0100","From":"Daniel Borkmann ","User-Agent":"Mozilla/5.0 (X11; Linux x86_64;\n\trv:31.0) Gecko/20100101 Thunderbird/31.7.0","MIME-Version":"1.0","To":"Arnd Bergmann , Alexei Starovoitov ","CC":"\"David S. Miller\" ,\n\tEdward Cree ,\n\tJohn Fastabend ,\n\tJakub Kicinski ,\n\tnetdev@vger.kernel.org, linux-kernel@vger.kernel.org","Subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning\n\tin bpf_check","References":"<20171102110558.2746221-1-arnd@arndb.de>\n\t<20171102110558.2746221-2-arnd@arndb.de>","In-Reply-To":"<20171102110558.2746221-2-arnd@arndb.de>","Content-Type":"text/plain; charset=windows-1252; format=flowed","Content-Transfer-Encoding":"7bit","X-Authenticated-Sender":"daniel@iogearbox.net","X-Virus-Scanned":"Clear (ClamAV 0.99.2/24010/Thu Nov 2 13:07:00 2017)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"","X-Mailing-List":"netdev@vger.kernel.org"}},{"id":1798401,"web_url":"http://patchwork.ozlabs.org/comment/1798401/","msgid":"<20171103.142047.186502648211524647.davem@davemloft.net>","list_archive_url":null,"date":"2017-11-03T05:20:47","subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning\n\tin bpf_check","submitter":{"id":15,"url":"http://patchwork.ozlabs.org/api/people/15/","name":"David Miller","email":"davem@davemloft.net"},"content":"From: Arnd Bergmann \nDate: Thu, 2 Nov 2017 12:05:52 +0100\n\n> The bpf_verifer_ops array is generated dynamically and may be\n> empty depending on configuration, which then causes an out\n> of bounds access:\n> \n> kernel/bpf/verifier.c: In function 'bpf_check':\n> kernel/bpf/verifier.c:4320:29: error: array subscript is above array bounds [-Werror=array-bounds]\n> \n> This adds a check to the start of the function as a workaround.\n> I would assume that the function is never called in that configuration,\n> so the warning is probably harmless.\n> \n> Fixes: 00176a34d9e2 (\"bpf: remove the verifier ops from program structure\")\n> Signed-off-by: Arnd Bergmann \n\nApplied.","headers":{"Return-Path":"","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3ySqzy0N62z9s8J\n\tfor ;\n\tFri, 3 Nov 2017 16:21:02 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1755113AbdKCFUx (ORCPT );\n\tFri, 3 Nov 2017 01:20:53 -0400","from shards.monkeyblade.net ([184.105.139.130]:35204 \"EHLO\n\tshards.monkeyblade.net\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1752443AbdKCFUv (ORCPT\n\t); Fri, 3 Nov 2017 01:20:51 -0400","from localhost (unknown [61.40.109.130])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(Client did not present a certificate)\n\t(Authenticated sender: davem-davemloft)\n\tby shards.monkeyblade.net (Postfix) with ESMTPSA id 3DE18103F398F;\n\tThu, 2 Nov 2017 22:20:49 -0700 (PDT)"],"Date":"Fri, 03 Nov 2017 14:20:47 +0900 (KST)","Message-Id":"<20171103.142047.186502648211524647.davem@davemloft.net>","To":"arnd@arndb.de","Cc":"ast@kernel.org, daniel@iogearbox.net, ecree@solarflare.com,\n\tjohn.fastabend@gmail.com, jakub.kicinski@netronome.com,\n\tnetdev@vger.kernel.org, linux-kernel@vger.kernel.org","Subject":"Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning\n\tin bpf_check","From":"David Miller ","In-Reply-To":"<20171102110558.2746221-2-arnd@arndb.de>","References":"<20171102110558.2746221-1-arnd@arndb.de>\n\t<20171102110558.2746221-2-arnd@arndb.de>","X-Mailer":"Mew version 6.7 on Emacs 25.3 / Mule 6.0 (HANACHIRUSATO)","Mime-Version":"1.0","Content-Type":"Text/Plain; charset=us-ascii","Content-Transfer-Encoding":"7bit","X-Greylist":"Sender succeeded SMTP AUTH, not delayed by\n\tmilter-greylist-4.5.12 (shards.monkeyblade.net\n\t[149.20.54.216]); Thu, 02 Nov 2017 22:20:51 -0700 (PDT)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"","X-Mailing-List":"netdev@vger.kernel.org"}}]