[v2] bpf: fix divides by zero

Message ID	1515807803.3606.7.camel@gmail.com
State	Accepted, archived
Delegated to:	BPF Maintainers
Headers	show Return-Path: <netdev-owner@vger.kernel.org> Message-ID: <1515807803.3606.7.camel@gmail.com> Subject: [PATCH v2] bpf: fix divides by zero From: Eric Dumazet <eric.dumazet@gmail.com> To: Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net> Cc: netdev <netdev@vger.kernel.org>, edumazet@google.com Date: Fri, 12 Jan 2018 17:43:23 -0800 In-Reply-To: <1515807206.3606.4.camel@gmail.com> References: <1515807206.3606.4.camel@gmail.com> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk
Series	[v2] bpf: fix divides by zero \| expand [v2] bpf: fix divides by zero

Message ID

1515807803.3606.7.camel@gmail.com

State

Accepted, archived

Delegated to:

BPF Maintainers

Headers

Message-ID: <1515807803.3606.7.camel@gmail.com>
Subject: [PATCH v2] bpf: fix divides by zero
From: Eric Dumazet <eric.dumazet@gmail.com>
To: Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>
Cc: netdev <netdev@vger.kernel.org>, edumazet@google.com
Date: Fri, 12 Jan 2018 17:43:23 -0800
In-Reply-To: <1515807206.3606.4.camel@gmail.com>
References: <1515807206.3606.4.camel@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Series

[v2] bpf: fix divides by zero | expand

Commit Message

Eric Dumazet Jan. 13, 2018, 1:43 a.m. UTC

From: Eric Dumazet <edumazet@google.com>

Divides by zero are not nice, lets avoid them if possible.

Also do_div() seems not needed when dealing with 32bit operands,
but this seems a minor detail.

Fixes: bd4cf0ed331a ("net: filter: rework/optimize internal BPF interpreter's instruction set")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
---
v2: kernel patches 101 : do not mangle patch :/

 kernel/bpf/core.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Alexei Starovoitov Jan. 14, 2018, 5:08 p.m. UTC | #1

On Fri, Jan 12, 2018 at 05:43:23PM -0800, Eric Dumazet wrote:
> From: Eric Dumazet <edumazet@google.com>
> 
> Divides by zero are not nice, lets avoid them if possible.
> 
> Also do_div() seems not needed when dealing with 32bit operands,
> but this seems a minor detail.
> 
> Fixes: bd4cf0ed331a ("net: filter: rework/optimize internal BPF interpreter's instruction set")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Reported-by: syzbot <syzkaller@googlegroups.com>
> ---

Applied, Thank you Eric.

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 51ec2dda7f08c6c90af084589bb6d80662c77d12..7949e8b8f94e9cc196e0449214493ccce61b0903 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -956,7 +956,7 @@  static unsigned int ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn,
 		DST = tmp;
 		CONT;
 	ALU_MOD_X:
-		if (unlikely(SRC == 0))
+		if (unlikely((u32)SRC == 0))
 			return 0;
 		tmp = (u32) DST;
 		DST = do_div(tmp, (u32) SRC);
@@ -975,7 +975,7 @@  static unsigned int ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn,
 		DST = div64_u64(DST, SRC);
 		CONT;
 	ALU_DIV_X:
-		if (unlikely(SRC == 0))
+		if (unlikely((u32)SRC == 0))
 			return 0;
 		tmp = (u32) DST;
 		do_div(tmp, (u32) SRC);

[v2] bpf: fix divides by zero

Commit Message

Comments

Patch