OpenCloudOS-Kernel/kernel
Byeonguk Jeong 4dea7a47fa bpf: Fix out-of-bounds write in trie_get_next_key()
[ Upstream commit 13400ac8fb80c57c2bfb12ebd35ee121ce9b4d21 ]

trie_get_next_key() allocates a node stack with size trie->max_prefixlen,
while it writes (trie->max_prefixlen + 1) nodes to the stack when it has
full paths from the root to leaves. For example, consider a trie with
max_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ...
0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with
.prefixlen = 8 make 9 nodes be written on the node stack with size 8.

Fixes: b471f2f1de ("bpf: implement MAP_GET_NEXT_KEY command for LPM_TRIE map")
Signed-off-by: Byeonguk Jeong <jungbu2855@gmail.com>
Reviewed-by: Toke Høiland-Jørgensen <toke@kernel.org>
Tested-by: Hou Tao <houtao1@huawei.com>
Acked-by: Hou Tao <houtao1@huawei.com>
Link: https://lore.kernel.org/r/Zxx384ZfdlFYnz6J@localhost.localdomain
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Jianping Liu <frankjpliu@tencent.com>
2024-11-27 15:13:06 +08:00
..
bpf bpf: Fix out-of-bounds write in trie_get_next_key() 2024-11-27 15:13:06 +08:00
cgroup tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
configs dist,Makefile: generic-debug config only build kernel rpm 2024-09-25 19:07:13 +08:00
debug tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
dma tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
events tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
gcov tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
irq tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
livepatch tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
locking tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
power tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
printk tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
rcu tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
sched sched/fair: Introduce SIS_UTIL to search idle CPU based on sum of util_avg 2024-11-10 06:59:46 +08:00
time alinux: arm64: adjust tk_core memory layout 2024-11-27 15:13:04 +08:00
tkernel tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
trace tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
.gitignore ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
Kconfig.freezer treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.hz treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.locks treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.preempt tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
Kconfig.tkernel tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
Makefile watchdog: make hardlockup detect code public 2024-11-05 18:55:17 +08:00
acct.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
async.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
audit.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
audit.h tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
audit_fsnotify.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
audit_tree.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
audit_watch.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
auditfilter.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
auditsc.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
backtracetest.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
bounds.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
capability.c
compat.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
configs.c kernel/configs: Replace GPL boilerplate code with SPDX identifier 2019-07-30 18:34:15 +02:00
context_tracking.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
cpu.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
cpu_pm.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
crash_core.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
crash_dump.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
cred.c tkernel: add base tlinux kernel interfaces 2024-06-11 20:09:33 +08:00
delayacct.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
dma.c
exec_domain.c
exit.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
extable.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
fail_function.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
fork.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
freezer.c Revert "libata, freezer: avoid block device removal while system is frozen" 2019-10-06 09:11:37 -06:00
futex.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
gen_kheaders.sh ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
groups.c
hung_task.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
iomem.c mm/nvdimm: add is_ioremap_addr and use that to check ioremap address 2019-07-12 11:05:40 -07:00
irq_work.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
jump_label.c jump_label: Don't warn on __exit jump entries 2019-08-29 15:10:10 +01:00
kallsyms.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
kcmp.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
kcov.c kcov: convert kcov.refcount to refcount_t 2019-03-07 18:32:02 -08:00
kexec.c kexec_load: Disable at runtime if the kernel is locked down 2019-08-19 21:54:15 -07:00
kexec_core.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
kexec_elf.c kexec_elf: support 32 bit ELF files 2019-09-06 23:58:44 +02:00
kexec_file.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
kexec_internal.h
kheaders.c kheaders: Move from proc to sysfs 2019-05-24 20:16:01 +02:00
kill_block.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
kmod.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
kprobes.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
ksysfs.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 170 2019-05-30 11:26:39 -07:00
kthread.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
latencytop.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
modsign_certificate.S tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
modsign_pubkey.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
module-internal.h tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
module.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
module_signature.c MODSIGN: Export module signature definitions 2019-08-05 18:39:56 -04:00
module_signing.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
notifier.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
nsproxy.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
padata.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
panic.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
params.c lockdown: Lock down module params that specify hardware parameters (eg. ioport) 2019-08-19 21:54:16 -07:00
pid.c tkernel: add base tlinux kernel interfaces 2024-06-11 20:09:33 +08:00
pid_namespace.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
profile.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
ptrace.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
range.c
reboot.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
relay.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
resource.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
rseq.c signal: Remove task parameter from force_sig 2019-05-27 09:36:28 -05:00
seccomp.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
signal.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
smp.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
smpboot.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
smpboot.h
softirq.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
stackleak.c
stacktrace.c stacktrace: Don't skip first entry on noncurrent tasks 2019-11-04 21:19:25 +01:00
stop_machine.c stop_machine: Avoid potential race behaviour 2019-10-17 12:47:12 +02:00
sys.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
sys_ni.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
sysctl-test.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
sysctl.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
sysctl_binary.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
task_work.c
taskstats.c tkernel: add base tlinux kernel interfaces 2024-06-11 20:09:33 +08:00
test_kprobes.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 25 2019-05-21 11:52:39 +02:00
torture.c torture: Remove exporting of internal functions 2019-08-01 14:30:22 -07:00
tracepoint.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
tsacct.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
ucount.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
uid16.c
uid16.h
umh.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
up.c ock: sync codes to ock 5.4.119-20.0009.21 2024-06-11 20:27:38 +08:00
user-return-notifier.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
user.c Keyrings namespacing 2019-07-08 19:36:47 -07:00
user_namespace.c Keyrings namespacing 2019-07-08 19:36:47 -07:00
utsname.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
utsname_sysctl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
watchdog.c kprobes/arm64: Blacklist sdei watchdog callback functions 2024-11-05 18:57:53 +08:00
watchdog_hld.c sdei_watchdog: Fix compile error when PPC_WATCHDOG is disable on PowerPC 2024-11-05 18:57:53 +08:00
workqueue.c tkernel: sync code to the same with tk4 pub/lts/0017-kabi 2024-06-12 13:13:20 +08:00
workqueue_internal.h sched/core, workqueues: Distangle worker accounting from rq lock 2019-04-16 16:55:15 +02:00