summaryrefslogtreecommitdiffstats
path: root/kernel/events
diff options
context:
space:
mode:
authorAlexei Starovoitov <ast@fb.com>2016-04-06 18:43:28 -0700
committerDavid S. Miller <davem@davemloft.net>2016-04-07 21:04:26 -0400
commit32bbe0078afe86a8bf4c67c6b3477781b15e94dc (patch)
tree8c5290f51108de3a2c98cb7171942fb9d5e36ab2 /kernel/events
parent9940d67c93b5bb7ddcf862b41b1847cb728186c4 (diff)
downloadop-kernel-dev-32bbe0078afe86a8bf4c67c6b3477781b15e94dc.zip
op-kernel-dev-32bbe0078afe86a8bf4c67c6b3477781b15e94dc.tar.gz
bpf: sanitize bpf tracepoint access
during bpf program loading remember the last byte of ctx access and at the time of attaching the program to tracepoint check that the program doesn't access bytes beyond defined in tracepoint fields This also disallows access to __dynamic_array fields, but can be relaxed in the future. Signed-off-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel/events')
-rw-r--r--kernel/events/core.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/kernel/events/core.c b/kernel/events/core.c
index e5ffe97..9a01019 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -7133,6 +7133,14 @@ static int perf_event_set_bpf_prog(struct perf_event *event, u32 prog_fd)
return -EINVAL;
}
+ if (is_tracepoint) {
+ int off = trace_event_get_offsets(event->tp_event);
+
+ if (prog->aux->max_ctx_offset > off) {
+ bpf_prog_put(prog);
+ return -EACCES;
+ }
+ }
event->tp_event->prog = prog;
return 0;
OpenPOWER on IntegriCloud