hulk inclusion category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IC7C6M CVE: CVE-2024-58098 -------------------------------- There have 2 holes in struct bpf_subprog_info, it can use KABI_EXTEND to fix this kabi breakage. $ pahole -C bpf_subprog_info vmlinux struct bpf_subprog_info { u32 start; /* 0 4 */ u32 linfo_idx; /* 4 4 */ u16 stack_depth; /* 8 2 */ bool has_tail_call; /* 10 1 */ bool tail_call_reachable; /* 11 1 */ bool has_ld_abs; /* 12 1 */ bool is_async_cb; /* 13 1 */ /* XXX 2 bytes hole, try to pack */ u64 kabi_reserved1; /* 16 8 */ u64 kabi_reserved2; /* 24 8 */ u64 kabi_reserved3; /* 32 8 */ u64 kabi_reserved4; /* 40 8 */ /* size: 48, cachelines: 1, members: 11 */ /* sum members: 46, holes: 1, sum holes: 2 */ /* last cacheline: 48 bytes */ }; Fixes: 17add15ac0d6 ("bpf: track changes_pkt_data property for global functions") Signed-off-by: Pu Lehui <pulehui@huawei.com> --- include/linux/bpf_verifier.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index b6d3ccd4f42e..8a62496afa58 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -634,7 +634,7 @@ struct bpf_subprog_info { bool tail_call_reachable; bool has_ld_abs; bool is_async_cb; - bool changes_pkt_data; + KABI_EXTEND(bool changes_pkt_data) KABI_RESERVE(1) KABI_RESERVE(2) -- 2.34.1