Message ID | 20210528103810.22025-1-ovidiu.panait@windriver.com |
---|---|
Headers | show |
Series | bpf: fix verifier selftests, add CVE-2021-29155, CVE-2021-33200 fixes | expand |
On Fri, May 28, 2021 at 01:37:51PM +0300, Ovidiu Panait wrote: > v2 updates: > - fix the last failing verfifier selftest by backporting the following > commits: > * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb8d251ee2a6bf4d7f4af5548e9c8f4fb5f90402 > * https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.4.y&id=37e1cdff90c1bc448edb4d73a18d89e05e36ab55 > * https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.4.y&id=a801a05ca7145fd2b72dad35bd01977014241e55 > - add CVE-2021-33200 fixes + support patch from 5.4: > * https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.4.y&id=8ba25a9ef9b9ca84d085aea4737e6c0852aa5bfd > * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3d0220f6861d713213b015b582e9f21e5b28d2e0 > * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bb01a1bba579b4b1c5566af24d95f1767859771e > * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a7036191277f9fa68d92f2071ddc38c09b1e5ee5 > > The CVE-2021-29155 part of this series is based on Frank van der Linden's > backport to 5.4 and 4.14: > https://lore.kernel.org/stable/20210429220839.15667-1-fllinden@amazon.com/ > https://lore.kernel.org/stable/20210501043014.33300-1-fllinden@amazon.com/ > > With this series, all verifier selftests pass: > /root# ./test_verifier > ... > Summary: 916 PASSED, 0 SKIPPED, 0 FAILED > > What the series does is: > * Fix verifier selftests by backporting various bpf/selftest upstream commits + > add two 4.19 specific fixes > * Backport fixes for CVE-2021-29155 from 5.4 stable, including selftest > changes. Only minor context adjustements were made for 4.19 backport. > * Backport CVE-2021-33200 fixes. No modifications were made, all patches > apply cleanly. > > The following commits that fix selftests are 4.19 specific: > Ovidiu Panait (2): > 1. bpf: fix up selftests after backports were fixed > > This is the 4.19 equivalent of > https://lore.kernel.org/stable/20210501043014.33300-3-fllinden@amazon.com/ > > Basically a backport of upstream commit 80c9b2fae87b ("bpf: add various > test cases to selftests") adapted to 4.19 in order to fix the > selftests that began to fail after CVE-2019-7308 fixes. > > 2. selftests/bpf: add selftest part of "bpf: improve verifier branch > analysis" > > This is a cherry-pick of the selftest parts that have been left out when > backporting 4f7b3e82589e0 ("bpf: improve verifier branch analysis") to 4.19. All now queued up, thanks! greg k-h