diff options
author | Daniel Borkmann <daniel@iogearbox.net> | 2018-10-24 22:05:44 +0200 |
---|---|---|
committer | Alexei Starovoitov <ast@kernel.org> | 2018-10-25 17:02:06 -0700 |
commit | ab21c1b5f799395232b838e98981cfed6d647905 (patch) | |
tree | 103ae279bd9619b0f6bf7e33de8cd09784db9a12 /tools | |
parent | 36641ad61db5ce9befd5eb0071abb36eaff16cfc (diff) | |
download | linux-ab21c1b5f799395232b838e98981cfed6d647905.tar.gz linux-ab21c1b5f799395232b838e98981cfed6d647905.tar.bz2 linux-ab21c1b5f799395232b838e98981cfed6d647905.zip |
bpf: disallow direct packet access for unpriv in cg_skb
Commit b39b5f411dcf ("bpf: add cg_skb_is_valid_access for
BPF_PROG_TYPE_CGROUP_SKB") added support for returning pkt pointers
for direct packet access. Given this program type is allowed for both
unprivileged and privileged users, we shouldn't allow unprivileged
ones to use it, e.g. besides others one reason would be to avoid any
potential speculation on the packet test itself, thus guard this for
root only.
Fixes: b39b5f411dcf ("bpf: add cg_skb_is_valid_access for BPF_PROG_TYPE_CGROUP_SKB")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Cc: Song Liu <songliubraving@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'tools')
-rw-r--r-- | tools/testing/selftests/bpf/test_verifier.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c index 8e1a79d2792c..36f3d3009d1a 100644 --- a/tools/testing/selftests/bpf/test_verifier.c +++ b/tools/testing/selftests/bpf/test_verifier.c @@ -4892,7 +4892,7 @@ static struct bpf_test tests[] = { }, .result = ACCEPT, .result_unpriv = REJECT, - .errstr_unpriv = "R3 pointer comparison prohibited", + .errstr_unpriv = "invalid bpf_context access off=76 size=4", .prog_type = BPF_PROG_TYPE_CGROUP_SKB, }, { |