[PATCH PATCH openEuler-22.03-LTS-SP1 7/9] selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test

From: Daniel Borkmann daniel@iogearbox.net

mainline inclusion from mainline-v6.12-rc1 commit b8e188f023e07a733b47d5865311ade51878fe40 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYQOP CVE: CVE-2024-49861

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

--------------------------------

The assumption of 'in privileged mode reads from uninitialized stack locations are permitted' is not quite correct since the verifier was probing for read access rather than write access. Both tests need to be annotated as __success for privileged and unprivileged.

Signed-off-by: Daniel Borkmann daniel@iogearbox.net Acked-by: Andrii Nakryiko andrii@kernel.org Link: https://lore.kernel.org/r/20240913191754.13290-6-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov ast@kernel.org Conflicts: tools/testing/selftests/bpf/verifier/int_ptr.c tools/testing/selftests/bpf/progs/verifier_int_ptr.c [The conflicts were due to test files changed] Signed-off-by: Xiaomeng Zhang zhangxiaomeng13@huawei.com --- tools/testing/selftests/bpf/verifier/int_ptr.c | 5 ----- 1 file changed, 5 deletions(-)

diff --git a/tools/testing/selftests/bpf/verifier/int_ptr.c b/tools/testing/selftests/bpf/verifier/int_ptr.c index c28cd2b8f1da..fd7bf5d4a35b 100644 --- a/tools/testing/selftests/bpf/verifier/int_ptr.c +++ b/tools/testing/selftests/bpf/verifier/int_ptr.c @@ -27,8 +27,6 @@ }, .result = ACCEPT, .retval = POINTER_VALUE, - .errstr_unpriv = "invalid indirect read from stack R4 off -16+0 size 8", - .result_unpriv = REJECT, }, { "ARG_PTR_TO_LONG half-uninitialized", @@ -58,9 +56,6 @@ BPF_MOV64_IMM(BPF_REG_0, 0), BPF_EXIT_INSN(), }, - .result_unpriv = REJECT, - .errstr_unpriv = "invalid indirect read from stack R4 off -16+4 size 8", - /* in privileged mode reads from uninitialized stack locations are permitted */ .result = ACCEPT, }, {