bpf: Allow delete from sockmap/sockhash only if update is allowed - linux

diff options

author	Jakub Sitnicki <jakub@cloudflare.com>	2024-05-27 13:20:07 +0200
committer	Daniel Borkmann <daniel@iogearbox.net>	2024-05-27 19:33:40 +0200
commit	98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d (patch)
tree	a96449f76eff9a59365db5570758d363176cea30 /tools/testing/selftests/bpf/prog_tests/verifier.c
parent	selftests/bpf: Add netkit test for pkt_type (diff)
download	linux-98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d.tar.xz linux-98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d.zip

bpf: Allow delete from sockmap/sockhash only if update is allowed

We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash. We don't intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map. From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types. Fixes: ff9105993240 ("bpf, sockmap: Prevent lock inversion deadlock in map delete elem") Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> Reported-by: syzbot+ec941d6e24f633a59172@syzkaller.appspotmail.com Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Tested-by: syzbot+ec941d6e24f633a59172@syzkaller.appspotmail.com Acked-by: John Fastabend <john.fastabend@gmail.com> Closes: https://syzkaller.appspot.com/bug?extid=ec941d6e24f633a59172 Link: https://lore.kernel.org/bpf/20240527-sockmap-verify-deletes-v1-1-944b372f2101@cloudflare.com

Diffstat (limited to 'tools/testing/selftests/bpf/prog_tests/verifier.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: