On 9/7/17 3:14 PM, Daniel Borkmann wrote:
Fixes: 97f91a7cf04f ("bpf: add bpf_redirect_map helper routine")
Reported-by: Jesper Dangaard Brouer <bro...@redhat.com>
Signed-off-by: Daniel Borkmann <dan...@iogearbox.net>
Signed-off-by: John Fastabend <john.fastab...@gmail.com>
---
kernel/bpf/verifier.c | 16 ++++++++++++++++
net/core/filter.c | 21 +++++++++++++++++++--
2 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index d690c7d..477b693 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -4203,6 +4203,22 @@ static int fixup_bpf_calls(struct bpf_verifier_env *env)
continue;
}
+ if (insn->imm == BPF_FUNC_redirect_map) {
+ u64 addr = (unsigned long)prog;
+ struct bpf_insn r4_ld[] = {
+ BPF_LD_IMM64(BPF_REG_4, addr),
+ *insn,
+ };
+ cnt = ARRAY_SIZE(r4_ld);
+
+ new_prog = bpf_patch_insn_data(env, i + delta, r4_ld,
cnt);
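Review bot: addr is computed from prog before the bpf_patch_insn_data() call, and that call's result is assigned to new_prog; if patching can hand back a different allocation than prog, the immediate loaded into BPF_REG_4 would still carry the old program's address. Consider fixing up the BPF_LD_IMM64 immediate once new_prog is known, or otherwise making sure the embedded value tracks the final program. A short comment above r4_ld saying why the redirect_map call gets R4 preloaded with the program pointer would also help, since nothing in the visible lines explains it.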
That's a neat trick.
I think we'll be seeing more of such patterns in the future.
Definitely less intrusive fix than asking drivers or net/core
to clear it.
Acked-by: Alexei Starovoitov <a...@kernel.org>