This patchset is going to fix CVE-2024-47703, which
may resulting in kernel panic.
Andrii Nakryiko (2):
bpf: enforce exact retval range on subprog/callback exit
bpf: enforce precise retval range on program exit
Tengda Wu (2):
bpf: Fix kabi breakage in struct bpf_func_state
bpf: Fix kabi breakage in struct bpf_insn_access_aux
Xu Kuohai (4):
bpf, lsm: Add disabled BPF LSM hook list
bpf, lsm: Add check for BPF LSM return value
bpf: Fix compare error in function retval_range_within
selftests/bpf: Add return value checks for failed tests
include/linux/bpf.h | 1 +
include/linux/bpf_lsm.h | 8 +
include/linux/bpf_verifier.h | 8 +-
kernel/bpf/bpf_lsm.c | 63 +++++++-
kernel/bpf/btf.c | 5 +-
kernel/bpf/verifier.c | 149 ++++++++++++------
tools/testing/selftests/bpf/progs/err.h | 10 ++
.../selftests/bpf/progs/test_global_func15.c | 2 +-
.../bpf/progs/test_verify_pkcs7_sig.c | 8 +-
.../selftests/bpf/progs/timer_failure.c | 2 +-
.../selftests/bpf/progs/user_ringbuf_fail.c | 2 +-
.../bpf/progs/verifier_cgroup_inv_retcode.c | 8 +-
.../bpf/progs/verifier_netfilter_retcode.c | 2 +-
13 files changed, 209 insertions(+), 59 deletions(-)
--
2.34.1