Message ID | 20181002024003.25635-1-guro@fb.com |
---|---|
State | Accepted, archived |
Delegated to: | BPF Maintainers |
Headers | show |
Series | [bpf] bpf: don't accept cgroup local storage with zero value size | expand |
On 10/02/2018 04:41 AM, Roman Gushchin wrote: > Explicitly forbid creating cgroup local storage maps with zero value > size, as it makes no sense and might even cause a panic. > > Reported-by: syzbot+18628320d3b14a5c459c@syzkaller.appspotmail.com > Signed-off-by: Roman Gushchin <guro@fb.com> > Cc: Alexei Starovoitov <ast@kernel.org> > Cc: Daniel Borkmann <daniel@iogearbox.net> Applied to bpf, thanks Roman!
diff --git a/kernel/bpf/local_storage.c b/kernel/bpf/local_storage.c index 944eb297465f..9f79956bff7d 100644 --- a/kernel/bpf/local_storage.c +++ b/kernel/bpf/local_storage.c @@ -261,6 +261,9 @@ static struct bpf_map *cgroup_storage_map_alloc(union bpf_attr *attr) if (attr->key_size != sizeof(struct bpf_cgroup_storage_key)) return ERR_PTR(-EINVAL); + if (attr->value_size == 0) + return ERR_PTR(-EINVAL); + if (attr->value_size > PAGE_SIZE) return ERR_PTR(-E2BIG);
Explicitly forbid creating cgroup local storage maps with zero value size, as it makes no sense and might even cause a panic. Reported-by: syzbot+18628320d3b14a5c459c@syzkaller.appspotmail.com Signed-off-by: Roman Gushchin <guro@fb.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Daniel Borkmann <daniel@iogearbox.net> --- kernel/bpf/local_storage.c | 3 +++ 1 file changed, 3 insertions(+)