Misaligned memory access in btf_ext__new() #391
There seem to be two points where we lose a proper alignment of BTF and BTF.ext data:
But ultimately to guarantee no misaligned memory accesses when parsing BTF and BTF.ext, libbpf would need to do a memory copy, if provided source data is mis-aligned. It will incur runtime overhead and add a bit of code complexity. For x86/x86-64 architectures this misalignment is not a problem per se, but for some other arches it will lead to a crash, so we probably have to pay this price.
It's probably worth mentioning that the "alignment" check is turned off by default on OSS-Fuzz so it should be safe to include the undefined sanitizer in google/oss-fuzz#6608 in its current form. Though I think once it's fixed something like
Yonghong fixed this in https://reviews.llvm.org/D112106 already.
Perform a memory copy before we do the sanity checks of btf_ext_hdr. This prevents misaligned memory access if raw btf_ext data is not 4-byte aligned ([0]). While at it, also add missing const qualifier. [0] Closes: libbpf/libbpf#391 Reported-by: Evgeny Vereshchagin <evvers@ya.ru> Fixes: 2993e05 ("tools/bpf: add support to read .BTF.ext sections") Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Perform a memory copy before we do the sanity checks of btf_ext_hdr. This prevents misaligned memory access if raw btf_ext data is not 4-byte aligned ([0]). While at it, also add missing const qualifier. [0] Closes: libbpf/libbpf#391 Fixes: 2993e05 ("tools/bpf: add support to read .BTF.ext sections") Reported-by: Evgeny Vereshchagin <evvers@ya.ru> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20211124002325.1737739-3-andrii@kernel.org
Perform a memory copy before we do the sanity checks of btf_ext_hdr. This prevents misaligned memory access if raw btf_ext data is not 4-byte aligned ([0]). While at it, also add missing const qualifier. [0] Closes: libbpf#391 Fixes: 2993e0515bb4 ("tools/bpf: add support to read .BTF.ext sections") Reported-by: Evgeny Vereshchagin <evvers@ya.ru> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20211124002325.1737739-3-andrii@kernel.org
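The approach described in the commit message above (copy first, then sanity-check the header), as an added C sketch that is not libbpf's own code. All `demo_*` names are hypothetical, the header layout is a simplified stand-in for `btf_ext_hdr`, and the sample blob is constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define DEMO_MAGIC 0xeB9F /* magic value chosen for this demo */

/* Hypothetical header (stand-in for btf_ext_hdr); uint32_t fields need 4-byte alignment. */
struct demo_ext_hdr {
	uint16_t magic;
	uint8_t  version;
	uint8_t  flags;
	uint32_t hdr_len;
	uint32_t info_off; /* relative to the end of the header */
	uint32_t info_len;
};

struct demo_ext {
	void *data;                     /* owned copy, aligned by malloc() */
	size_t size;
	const struct demo_ext_hdr *hdr; /* points into data, never into the input */
};

/* Sanity checks; only ever called on the aligned copy. */
static int demo_check_hdr(const struct demo_ext_hdr *hdr, size_t size)
{
	size_t rest;

	if (hdr->magic != DEMO_MAGIC || hdr->version != 1)
		return -EINVAL;
	if (hdr->hdr_len < sizeof(*hdr) || hdr->hdr_len > size)
		return -EINVAL;
	rest = size - hdr->hdr_len; /* compare against rest so off + len cannot overflow */
	if (hdr->info_off > rest || hdr->info_len > rest - hdr->info_off)
		return -EINVAL;
	return 0;
}

/* The caller's pointer is only touched by memcpy(), which has no alignment requirement. */
int demo_ext_new(const uint8_t *data, size_t size, struct demo_ext *out)
{
	int err;

	if (!data || !out || size < sizeof(struct demo_ext_hdr))
		return -EINVAL;
	out->data = malloc(size);
	if (!out->data)
		return -ENOMEM;
	memcpy(out->data, data, size);
	out->size = size;
	out->hdr = out->data;
	err = demo_check_hdr(out->hdr, size);
	if (err) {
		free(out->data);
		memset(out, 0, sizeof(*out));
	}
	return err;
}

/* Places a constructed blob `off` bytes into an 8-byte-aligned buffer and
 * parses it; returns info_len, or a negative errno. */
long demo_parse_at_offset(size_t off, uint16_t magic)
{
	uint64_t backing[8] = {0};
	uint8_t *raw;
	struct demo_ext_hdr h = { magic, 1, 0, sizeof(h), 0, 8 };
	struct demo_ext ext;
	long ret;

	if (off > 8)
		return -EINVAL;
	raw = (uint8_t *)backing + off; /* off = 1..3 gives a misaligned source */
	memcpy(raw, &h, sizeof(h));     /* 16-byte header + 8 zeroed payload bytes */
	ret = demo_ext_new(raw, sizeof(h) + 8, &ext);
	if (ret)
		return ret;
	ret = ((uintptr_t)ext.hdr % 4 == 0) ? (long)ext.hdr->info_len : -EFAULT;
	free(ext.data);
	return ret;
}
```

Casting `raw` straight to `const struct demo_ext_hdr *` and reading `hdr_len` at offset 1 is the access pattern UBSan's alignment check reports; here every field read goes through the `malloc()`-aligned copy.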
The issue is gone. Thanks! I tried to turn on the alignment check on OSS-Fuzz and it triggered:
I'm not sure whether it's a libbpf issue or a libelf issue though. I'll try to double-check
In the meantime, I've just opened google/oss-fuzz#6915 where only libbpf is built with the alignment check
With that patch applied UBSan complained about
which I think is the same issue UBSan complained with
The first one (in elf_memory()) seems to be the problem with libelf not handling alignment properly. I don't see anywhere the requirement that bytes passed to the elf_memory() should be aligned, so this does seem like libelf bug. As for the second, Elf64_Shdr * is returned by libelf from elf64_getshdr(), so if it is misaligned, then it's also libelf's fault. But I'm not sure how meaningful it is to go and do memory copies just to re-align the bytes ahead of time. This seems like a very impractical corner case, tbh.
@anakryiko agreed. I closed that PR because I didn't want to bother the libbpf project with elfutil bugs. The issues that were fixed in https://reviews.llvm.org/D112106 and 25eb5c4 can be caught in the future (to prevent them from making it into the repository again) by running the libbpf testsuite under UBSan. Judging by https://lore.kernel.org/bpf/20211124002325.1737739-1-andrii@kernel.org/ it's in the works as far as I can see.
yep, it currently is blocked on some preliminary work with our BPF CI system, but we plan to have test runs with sanitizers.
Interestingly, the elfutils project by default allows unaligned access on i386 and x86_64 and kind of turns it off everywhere else. I set |
[ Upstream commit 401891a ] Perform a memory copy before we do the sanity checks of btf_ext_hdr. This prevents misaligned memory access if raw btf_ext data is not 4-byte aligned ([0]). While at it, also add missing const qualifier. [0] Closes: libbpf/libbpf#391 Fixes: 2993e05 ("tools/bpf: add support to read .BTF.ext sections") Reported-by: Evgeny Vereshchagin <evvers@ya.ru> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20211124002325.1737739-3-andrii@kernel.org Signed-off-by: Sasha Levin <sashal@kernel.org>
BugLink: https://bugs.launchpad.net/bugs/1959376 [ Upstream commit 401891a ] Perform a memory copy before we do the sanity checks of btf_ext_hdr. This prevents misaligned memory access if raw btf_ext data is not 4-byte aligned ([0]). While at it, also add missing const qualifier. [0] Closes: libbpf/libbpf#391 Fixes: 2993e05 ("tools/bpf: add support to read .BTF.ext sections") Reported-by: Evgeny Vereshchagin <evvers@ya.ru> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20211124002325.1737739-3-andrii@kernel.org Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
to catch issues like libbpf#391
mainline inclusion from mainline-5.17-rc1 commit 401891a category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I5EUVD CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=401891a9debaf0a684502f2aaecf53448cee9414 ------------------------------------------------- Perform a memory copy before we do the sanity checks of btf_ext_hdr. This prevents misaligned memory access if raw btf_ext data is not 4-byte aligned ([0]). While at it, also add missing const qualifier. [0] Closes: libbpf/libbpf#391 Fixes: 2993e05 ("tools/bpf: add support to read .BTF.ext sections") Reported-by: Evgeny Vereshchagin <evvers@ya.ru> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20211124002325.1737739-3-andrii@kernel.org (cherry picked from commit 401891a) Signed-off-by: Wang Yufen <wangyufen@huawei.com>
I compiled the `minimal` bpf application from https://github.com/libbpf/libbpf-bootstrap with ASan/UBSan and linked it against `libbpf` pointing at the `master` branch (built with ASan/UBSan as well). When I ran it I got a few UBSan warnings (I'm not sure whether it has anything to do with `libbpf` or the way bpf skeletons are generated by `clang/bpftool` though):