review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Daniel Borkmann <daniel@iogearbox.net>
	Wed, 10 Jan 2018 19:04:37 +0000 (20:04 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 17 Jan 2018 08:45:25 +0000 (09:45 +0100)
commit	a2e0b5db9b581f78155bd4999b5bb2d0d8037eda
tree	34077f0f12225786243522d52c47b925f7415383	tree \| snapshot
parent	67c05d9414512e1f9040d29e37e3d5533d8c51dd	commit \| diff

bpf: arsh is not supported in 32 bit alu thus reject it

commit 7891a87efc7116590eaba57acc3c422487802c6f upstream.

The following snippet was throwing an 'unknown opcode cc' warning
in BPF interpreter:

  0: (18) r0 = 0x0
  2: (7b) *(u64 *)(r10 -16) = r0
  3: (cc) (u32) r0 s>>= (u32) r0
  4: (95) exit

Although a number of JITs do support BPF_ALU | BPF_ARSH | BPF_{K,X}
generation, not all of them do and interpreter does neither. We can
leave existing ones and implement it later in bpf-next for the
remaining ones, but reject this properly in verifier for the time
being.

Fixes: 17a5267067f3 ("bpf: verifier (add verifier core)")
Reported-by: syzbot+93c4904c5c70348a6890@syzkaller.appspotmail.com
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

kernel/bpf/verifier.c		diff \| blob \| history
tools/testing/selftests/bpf/test_verifier.c		diff \| blob \| history