From mboxrd@z Thu Jan  1 00:00:00 1970
From: Daniel Borkmann <daniel@iogearbox.net>
Subject: Re: [PATCH 4.4-stable 0/6] bpf: prevent out-of-bounds speculation
Date: Fri, 12 Jan 2018 17:28:37 +0100
Message-ID: <6085762e-355a-31a0-0575-8cd3cb60dda1@iogearbox.net>
References: <20180112161721.8843-1-jslaby@suse.cz>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: stable@vger.kernel.org, ast@kernel.org, netdev@vger.kernel.org
To: Jiri Slaby <jslaby@suse.cz>, gregkh@linuxfoundation.org
Return-path: <stable-owner@vger.kernel.org>
In-Reply-To: <20180112161721.8843-1-jslaby@suse.cz>
Content-Language: en-US
Sender: stable-owner@vger.kernel.org
List-Id: netdev.vger.kernel.org

Hi Jiri,

On 01/12/2018 05:17 PM, Jiri Slaby wrote:
> Hi,
> 
> this is a backport of these patches which I did for our kernels:

Thanks for doing! One comment below:

> c237ee5eb33b bpf: add bpf_patch_insn_single helper
> 3df126f35f88 bpf: don't (ab)use instructions to store state
> e245c5c6a565 bpf: move fixup_bpf_calls() function
> 79741b3bdec0 bpf: refactor fixup_bpf_calls()
> 8041902dae52 bpf: adjust insn_aux_data when patching insns
> b2157399cc98 bpf: prevent out-of-bounds speculation
> 
> I offer it here for use in stable 4.4, if there is no better/simpler
> backport available yet.
> 
> Alexei Starovoitov (4):
>   bpf: move fixup_bpf_calls() function
>   bpf: refactor fixup_bpf_calls()
>   bpf: adjust insn_aux_data when patching insns
>   bpf: prevent out-of-bounds speculation

Please note that this still needs a fix [0] in addition. It's in
bpf tree [1] and we'll get this out today to DaveM as a pull-req
today, and hopefully it wouldn't take too long to land in Linus'
tree from there again, sorry for the inconvenience. Once that
landed we can move this into 4.4.

  [0] https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1
  [1] https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/

> Daniel Borkmann (1):
>   bpf: add bpf_patch_insn_single helper
> 
> Jakub Kicinski (1):
>   bpf: don't (ab)use instructions to store state
> 
>  include/linux/bpf.h    |   2 +
>  include/linux/filter.h |   3 +
>  kernel/bpf/arraymap.c  |  24 ++++--
>  kernel/bpf/core.c      |  71 ++++++++++++++++
>  kernel/bpf/syscall.c   |  54 ------------
>  kernel/bpf/verifier.c  | 217 +++++++++++++++++++++++++++++++++++--------------
>  6 files changed, 252 insertions(+), 119 deletions(-)