Daniel Borkmann f531fbb06a bpf: reject stores into ctx via st and xadd ... [ upstream commit f37a8cb84c ] Alexei found that verifier does not reject stores into context via BPF_ST instead of BPF_STX. And while looking at it, we also should not allow XADD variant of BPF_STX. The context rewriter is only assuming either BPF_LDX_MEM- or BPF_STX_MEM-type operations, thus reject anything other than that so that assumptions in the rewriter properly hold. Add test cases as well for BPF selftests. Fixes: d691f9e8d4 ("bpf: allow programs to write to certain skb fields") Reported-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2018-01-31 12:55:57 +01:00
..
Makefile	bpf: introduce percpu_freelist	2016-03-08 15:28:31 -05:00
arraymap.c	bpf, array: fix overflow in max_entries and undefined behavior in index_mask	2018-01-17 09:38:55 +01:00
core.c	bpf: fix divides by zero	2018-01-31 12:55:57 +01:00
hashtab.c	bpf: don't trigger OOM killer under pressure with map alloc	2017-07-05 14:40:21 +02:00
helpers.c	bpf: direct packet write and access for helpers for clsact progs	2016-09-20 23:32:11 -04:00
inode.c	fs: Replace CURRENT_TIME with current_time() for inode timestamps	2016-09-27 21:06:21 -04:00
percpu_freelist.c	bpf: fix lockdep splat	2017-12-14 09:28:23 +01:00
percpu_freelist.h	bpf: introduce percpu_freelist	2016-03-08 15:28:31 -05:00
stackmap.c	bpf: don't trigger OOM killer under pressure with map alloc	2017-07-05 14:40:21 +02:00
syscall.c	bpf: move fixup_bpf_calls() function	2018-01-17 09:38:55 +01:00
verifier.c	bpf: reject stores into ctx via st and xadd	2018-01-31 12:55:57 +01:00