BPF Archive on lore.kernel.org
 help / color / Atom feed
From: "van der Linden, Frank" <fllinden@amazon.com>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: "stable@vger.kernel.org" <stable@vger.kernel.org>,
	"bpf@vger.kernel.org" <bpf@vger.kernel.org>
Subject: Re: [PATCH 5.4 0/8] BPF backports for CVE-2021-29155
Date: Fri, 30 Apr 2021 16:38:29 +0000
Message-ID: <275977B4-72C4-4B86-9B94-47054AAA8067@amazon.com> (raw)
In-Reply-To: <YIwIX2mB/+tR0AuG@kroah.com>

Sure. I have a 4.14 one coming up too, but that one was just a little harder, and it also corrects a previous backport error that was made (correction was already acked), and picks some other commits to get selftests clean. So I'll probably send it to just bpf@ first.

Others will have to take care of 4.19 or older kernels, though, just flagging that I have done the 4.14 backport for these.

Frank

On 4/30/21, 6:39 AM, "Greg KH" <gregkh@linuxfoundation.org> wrote:

    CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.



    On Thu, Apr 29, 2021 at 10:08:31PM +0000, Frank van der Linden wrote:
    > This is a backport of the BPF verifier fixes for CVE-2021-29155. Original
    > series was part of the pull request here: https://lore.kernel.org/bpf/20210416223700.15611-1-daniel@iogearbox.net/T/
    >
    > This wasn't a complicated backport, but copying bpf@ to see if
    > there are any concerns.
    >
    > 5.4 verifier selftests are clean with this backport:
    >       Summary: 1566 PASSED, 0 SKIPPED, 0 FAILED
    >
    > The individual commits:

    Many thanks for these, now queued up.

    greg k-h


  reply index

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-29 22:08 Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 1/8] bpf: Move off_reg into sanitize_ptr_alu Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 2/8] bpf: Ensure off_reg has no mixed signed bounds for all types Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 3/8] bpf: Rework ptr_limit into alu_limit and add common error path Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 4/8] bpf: Improve verifier error messages for users Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 5/8] bpf: Refactor and streamline bounds check into helper Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 6/8] bpf: Move sanitize_val_alu out of op switch Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 7/8] bpf: Tighten speculative pointer arithmetic mask Frank van der Linden
2021-04-29 22:08 ` [PATCH 5.4 8/8] bpf: Update selftests to reflect new error states Frank van der Linden
2021-04-30 13:38 ` [PATCH 5.4 0/8] BPF backports for CVE-2021-29155 Greg KH
2021-04-30 16:38   ` van der Linden, Frank [this message]
2021-05-01  6:05     ` Greg KH
2021-05-01 17:54       ` van der Linden, Frank

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=275977B4-72C4-4B86-9B94-47054AAA8067@amazon.com \
    --to=fllinden@amazon.com \
    --cc=bpf@vger.kernel.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

BPF Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/bpf/0 bpf/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 bpf bpf/ https://lore.kernel.org/bpf \
		bpf@vger.kernel.org
	public-inbox-index bpf

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.bpf


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git