This patchset is going to fix CVE-2024-47703, which may resulting in kernel panic.
Andrii Nakryiko (2): bpf: enforce exact retval range on subprog/callback exit bpf: enforce precise retval range on program exit
Tengda Wu (2): bpf: Fix kabi breakage in struct bpf_func_state bpf: Fix kabi breakage in struct bpf_insn_access_aux
Xu Kuohai (3): bpf, lsm: Add disabled BPF LSM hook list bpf, lsm: Add check for BPF LSM return value bpf: Fix compare error in function retval_range_within
include/linux/bpf.h | 1 + include/linux/bpf_lsm.h | 8 + include/linux/bpf_verifier.h | 8 +- kernel/bpf/bpf_lsm.c | 63 +++++++- kernel/bpf/btf.c | 5 +- kernel/bpf/verifier.c | 149 ++++++++++++------ .../selftests/bpf/progs/test_global_func15.c | 2 +- .../selftests/bpf/progs/timer_failure.c | 2 +- .../selftests/bpf/progs/user_ringbuf_fail.c | 2 +- .../bpf/progs/verifier_cgroup_inv_retcode.c | 8 +- .../bpf/progs/verifier_netfilter_retcode.c | 2 +- 11 files changed, 193 insertions(+), 57 deletions(-)