diff options
author | Daniel Borkmann <daniel@iogearbox.net> | 2019-01-03 00:58:31 +0100 |
---|---|---|
committer | Alexei Starovoitov <ast@kernel.org> | 2019-01-03 01:01:24 +0100 |
commit | e4298d25830a866cc0f427d4bccb858e76715859 (patch) | |
tree | a3915815e64315b9c2b16cb78783a7a821597270 /kernel/ptrace.c | |
parent | bpf: restrict map value pointer arithmetic for unprivileged (diff) | |
download | linux-e4298d25830a866cc0f427d4bccb858e76715859.tar.xz linux-e4298d25830a866cc0f427d4bccb858e76715859.zip |
bpf: restrict stack pointer arithmetic for unprivileged
Restrict stack pointer arithmetic for unprivileged users in that
arithmetic itself must not go out of bounds as opposed to the actual
access later on. Therefore after each adjust_ptr_min_max_vals() with
a stack pointer as a destination we simulate a check_stack_access()
of 1 byte on the destination and once that fails the program is
rejected for unprivileged program loads. This is analog to map
value pointer arithmetic and needed for masking later on.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'kernel/ptrace.c')
0 files changed, 0 insertions, 0 deletions