Message-ID: <1515807803.3606.7.camel@gmail.com>
Subject: [PATCH v2] bpf: fix divides by zero
From: Eric Dumazet
To: Alexei Starovoitov, Daniel Borkmann
Cc: netdev, edumazet@google.com
Date: Fri, 12 Jan 2018 17:43:23 -0800

From: Eric Dumazet

Divides by zero are not nice, lets avoid them if possible.

Also do_div() seems not needed when dealing with 32bit operands, but this seems a minor detail.

Fixes: bd4cf0ed331a ("net: filter: rework/optimize internal BPF interpreter's instruction set")
Signed-off-by: Eric Dumazet Reported-by: syzbot --- v2: kernel patches 101 : do not mangle patch :/  kernel/bpf/core.c |    4 ++--  1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 51ec2dda7f08c6c90af084589bb6d80662c77d12..7949e8b8f94e9cc196e0449214493ccce61b0903 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -956,7 +956,7 @@ static unsigned int ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn, DST = tmp; CONT; ALU_MOD_X: - if (unlikely(SRC == 0)) + if (unlikely((u32)SRC == 0)) return 0; tmp = (u32) DST; DST = do_div(tmp, (u32) SRC); @@ -975,7 +975,7 @@ static unsigned int ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn, DST = div64_u64(DST, SRC); CONT; ALU_DIV_X: - if (unlikely(SRC == 0)) + if (unlikely((u32)SRC == 0)) return 0; tmp = (u32) DST; do_div(tmp, (u32) SRC);
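
Review bot: In the ALU_MOD_X hunk, the changelog should say why the old test was not enough. The divisor handed to do_div() is `(u32) SRC`, so the old `SRC == 0` test on the full register let through a value whose low 32 bits are zero while its upper bits are set, and "Divides by zero are not nice" does not tell someone backporting the fix which inputs were affected. The message also notes that do_div() is not needed for 32-bit operands; since both operands are truncated to u32 here (`tmp = (u32) DST;` and `(u32) SRC`), a follow-up could replace the call with a plain 32-bit modulo.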
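
Review bot: In the ALU_DIV_X hunk, the new cast is written `(u32)SRC` while the context lines directly below it use `(u32) DST` and `(u32) SRC` with a space; use one spelling so the tested value and the divisor visibly match. A regression test that runs the 32-bit divide and modulo with a source register holding only upper bits would keep the zero check and the do_div() argument from drifting apart again.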