git.baikalelectronics.ru Git - kernel.git/commit
bpf: fix cb access in socket filter programs
author Alexei Starovoitov <ast@plumgrid.com>
Wed, 7 Oct 2015 17:55:41 +0000 (10:55 -0700)
committer David S. Miller <davem@davemloft.net>
Sun, 11 Oct 2015 11:40:05 +0000 (04:40 -0700)
commit fcf4800a5769c54ad994e65c4a313d33230daac6
tree f23b1f44945600ce2631560eb1f93364606b62b6
parent 7e30429152875e49eec6f5b77383a1b2b90426f1

eBPF socket filter programs may see junk in 'u32 cb[5]' area,
since it could have been used by protocol layers earlier.

For socket filter programs used in af_packet we need to clean
20 bytes of skb->cb area if it could be used by the program.
For programs attached to TCP/UDP sockets we need to save/restore
these 20 bytes, since it's used by protocol layers.

Remove SK_RUN_FILTER macro, since it's no longer used.

Long term we may move this bpf cb area to per-cpu scratch, but that
requires addition of new 'per-cpu load/store' instructions,
so not suitable as a short term fix.

Fixes: eb37f9b1bed1 ("bpf: allow programs to write to certain skb fields")
Reported-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/bpf.h
include/linux/filter.h
kernel/bpf/verifier.c
net/core/filter.c
net/packet/af_packet.c
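
The two strategies the commit message describes (clear the 20 bytes for af_packet, save/restore them for TCP/UDP sockets), as a user-space C model added here; it is not the kernel's code. `struct pkt`, `filter_prog`, `run_clear_cb`, `run_save_cb`, the `uses_cb` flag and the 0xAB fill are hypothetical, and the 20-byte window is placed at offset 0 of `cb` for simplicity.

```c
/* User-space model, added example: names are hypothetical, not kernel API. */
#include <stdint.h>
#include <string.h>

#define CB_LEN     48   /* size of the cb scratch area in this model */
#define BPF_CB_LEN 20   /* the 'u32 cb[5]' window a program may touch */
struct pkt { uint8_t cb[CB_LEN]; };

/* Constructed "protocol layer" state left behind in cb. */
static void proto_fill(struct pkt *p) { memset(p->cb, 0xAB, CB_LEN); }
static int proto_intact(const struct pkt *p)
{
    for (int i = 0; i < CB_LEN; i++)
        if (p->cb[i] != 0xAB) return 0;
    return 1;
}

/* Stand-in for a socket filter: returns what it read from cb[0], writes cb[1]. */
static uint32_t filter_prog(struct pkt *p)
{
    uint32_t cb[5];
    memcpy(cb, p->cb, sizeof(cb));
    uint32_t seen = cb[0];          /* junk here means stale state is visible */
    cb[1] = 0xdeadbeef;             /* program scribbles on its scratch area */
    memcpy(p->cb, cb, sizeof(cb));
    return seen;
}

/* af_packet case: nothing needs cb afterwards, so zeroing the window is enough. */
static uint32_t run_clear_cb(struct pkt *p, int uses_cb)
{
    if (uses_cb)
        memset(p->cb, 0, BPF_CB_LEN);
    return filter_prog(p);
}

/* TCP/UDP case: protocol layers still need cb, so save, zero, run, restore. */
static uint32_t run_save_cb(struct pkt *p, int uses_cb)
{
    uint8_t saved[BPF_CB_LEN];
    if (uses_cb) {
        memcpy(saved, p->cb, sizeof(saved));
        memset(p->cb, 0, sizeof(saved));
    }
    uint32_t res = filter_prog(p);
    if (uses_cb)
        memcpy(p->cb, saved, sizeof(saved));
    return res;
}

int main(void) { struct pkt p; proto_fill(&p); return !(run_save_cb(&p, 1) == 0 && proto_intact(&p)); }
```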