Thread: 8 messages, 3 authors, 2021-06-04

Re: [PATCH v2] bpf: core: fix shift-out-of-bounds in ___bpf_prog_run

From: Greg KH <gregkh@linuxfoundation.org>
Date: 2021-06-02 06:09:55

On Tue, Jun 01, 2021 at 11:28:00PM +0200, Kurt Manucredo wrote:
> On Tue, 1 Jun 2021 17:43:24 +0200, Greg KH [off-list ref] wrote:
> > On Tue, Jun 01, 2021 at 04:33:09PM +0200, Kurt Manucredo wrote:
> > > Fix shift-out-of-bounds in ___bpf_prog_run().
> >
> > How is this "fixed"?
>
> Fix shift-out-of-bounds in ___bpf_prog_run() by adding extra boundary
> check in check_alu_op() in verifier.c.

Great, say this in the changelog text.

> > > UBSAN: shift-out-of-bounds in kernel/bpf/core.c:1414:2
> > > shift exponent 248 is too large for 32-bit type 'unsigned int'
> >
> > What is this from?
>
> https://syzkaller.appspot.com/bug?id=edb51be4c9a320186328893287bb30d5eed09231

You should provide this link in the changelog text.

> > Any reason you didn't cc: the bpf maintainers and developers?
>
> Yes. I send them to you, the mentees mailing list and Shuah, first, for
> review, comment and help. Is this not okay?

Ok, didn't know what you were wanting here, you can always ask questions
like this below the --- line of a patch.

> > > Reported-by: syzbot+bed360704c521841c85d@syzkaller.appspotmail.com
> >
> > Does this pass the syzbot testing?
>
> Yes, it says 'OK' in the 'Result' column at:
> https://syzkaller.appspot.com/bug?id=edb51be4c9a320186328893287bb30d5eed09231

You should also say something like "passes the syzbot reproducer test"
in the changelog text as well.

> But at this point I cannot say if this is right. Should I send the next
> version to everyone?

Please do!

thanks,

greg k-h
_______________________________________________
Linux-kernel-mentees mailing list
Linux-kernel-mentees@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees