Re: [PATCH 4.19 0/3] BPF fixes for CVE-2021-3444 and CVE-2021-3600

[PATCH 4.19 0/3] BPF fixes for CVE-2021-3444 and CVE-2021-3600 · Thadeu Lima de Souza Cascardo <hidden> · 2021-08-27
[PATCH 4.19 1/3] bpf: Do not use ax register in interpreter on div/mod · Thadeu Lima de Souza Cascardo <hidden> · 2021-08-27
[PATCH 4.19 2/3] bpf: Fix 32 bit src register truncation on div/mod · Thadeu Lima de Souza Cascardo <hidden> · 2021-08-27
[PATCH 4.19 3/3] bpf: Fix truncation handling for mod32 dst reg wrt zero · Thadeu Lima de Souza Cascardo <hidden> · 2021-08-27
Re: [PATCH 4.19 0/3] BPF fixes for CVE-2021-3444 and CVE-2021-3600 · Greg KH <gregkh@linuxfoundation.org> · 2021-08-27

From: Greg KH <gregkh@linuxfoundation.org>
Date: 2021-08-27 14:38:31
Also in: bpf

On Fri, Aug 27, 2021 at 10:55:30AM -0300, Thadeu Lima de Souza Cascardo wrote:

The upstream changes necessary to fix these CVEs rely on the presence of JMP32,
which is not a small backport and brings its own potential set of necessary
follow-ups.

Daniel Borkmann, John Fastabend and Alexei Starovoitov came up with a fix
involving the use of the AX register.

This has been tested against the test_verifier in 4.19.y tree and some tests
specific to the two referred CVEs.

THanks for these, now queued up!

greg k-h

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help