[SRU,Xenial,0/1] CVE-2021-29154

Message ID	20210409194709.23669-1-cascardo@canonical.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU Xenial 0/1] CVE-2021-29154 Date: Fri, 9 Apr 2021 16:47:08 -0300 Message-Id: <20210409194709.23669-1-cascardo@canonical.com> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	CVE-2021-29154 \| expand [SRU,Xenial,0/1] CVE-2021-29154 [SRU,Xenial,1/1] UBUNTU: SAUCE: bpf, x86: Validate computation of branch displacements for x86-64

Message ID

20210409194709.23669-1-cascardo@canonical.com

Headers

From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU Xenial 0/1] CVE-2021-29154
Date: Fri,  9 Apr 2021 16:47:08 -0300
Message-Id: <20210409194709.23669-1-cascardo@canonical.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

CVE-2021-29154 | expand

Message

Thadeu Lima de Souza Cascardo April 9, 2021, 7:47 p.m. UTC

[Impact]

See https://www.openwall.com/lists/oss-security/2021/04/08/1.

[Test case]

Ran LTP bpf tests and test_kmod.sh from kselftests, that use the test_bpf
module.

[Regression potential]

Some BPF code might fail to load and this might prevent seccomp, systemd, etc,
from correctly running services, so boot may fail and safeguards might not run.


Piotr Krysiuk (1):
  UBUNTU: SAUCE: bpf, x86: Validate computation of branch displacements
    for x86-64

 arch/x86/net/bpf_jit_comp.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

Comments

Guilherme G. Piccoli April 9, 2021, 8:53 p.m. UTC | #1

On Fri, Apr 9, 2021 at 4:47 PM Thadeu Lima de Souza Cascardo
<cascardo@canonical.com> wrote:
>
> [Impact]
>
> See https://www.openwall.com/lists/oss-security/2021/04/08/1.
>
> [Test case]
>
> Ran LTP bpf tests and test_kmod.sh from kselftests, that use the test_bpf
> module.
>
> [Regression potential]
>
> Some BPF code might fail to load and this might prevent seccomp, systemd, etc,
> from correctly running services, so boot may fail and safeguards might not run.
>
>
> Piotr Krysiuk (1):
>   UBUNTU: SAUCE: bpf, x86: Validate computation of branch displacements
>     for x86-64
>
>  arch/x86/net/bpf_jit_comp.c | 13 +++++++++++--
>  1 file changed, 11 insertions(+), 2 deletions(-)
>

Thanks Cascardo, LGTM:

Acked-by: Guilherme G. Piccoli <gpiccoli@canonical.com>

Colin Ian King April 9, 2021, 8:59 p.m. UTC | #2

On 09/04/2021 20:47, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> 
> See https://www.openwall.com/lists/oss-security/2021/04/08/1.
> 
> [Test case]
> 
> Ran LTP bpf tests and test_kmod.sh from kselftests, that use the test_bpf
> module.
> 
> [Regression potential]
> 
> Some BPF code might fail to load and this might prevent seccomp, systemd, etc,
> from correctly running services, so boot may fail and safeguards might not run.
> 
> 
> Piotr Krysiuk (1):
>   UBUNTU: SAUCE: bpf, x86: Validate computation of branch displacements
>     for x86-64
> 
>  arch/x86/net/bpf_jit_comp.c | 13 +++++++++++--
>  1 file changed, 11 insertions(+), 2 deletions(-)
> 

Looks good to me - and I've eyeballed this in action with various
instrumented test cases too.

Thanks Thadeu.

Acked-by: Colin Ian King <colin.king@canonical.com>

Thadeu Lima de Souza Cascardo April 10, 2021, 6:12 p.m. UTC | #3

Applied to xenial master-next branch.

Thanks.
Cascardo.