Re: [PATCH v2 net-next 6/7] bpf: allow eBPF programs to use maps

From: David Miller
Date: Sun Nov 16 2014 - 14:04:47 EST

Next message: Josh Triplett: "Re: [PATCH 2/2] groups: Allow unprivileged processes to use setgroups to drop groups"
Previous message: Thomas Gleixner: "Re: [PATCH v2] x86, mm: set NX across entire PMD at boot"
Next in thread: Alexei Starovoitov: "Re: [PATCH v2 net-next 6/7] bpf: allow eBPF programs to use maps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alexei Starovoitov <ast@xxxxxxxxxxxx>
Date: Thu, 13 Nov 2014 17:36:49 -0800

> +static u64 bpf_map_lookup_elem(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5)
> +{
> + /* verifier checked that R1 contains a valid pointer to bpf_map
> + * and R2 points to a program stack and map->key_size bytes were
> + * initialized
> + */
> + struct bpf_map *map = (struct bpf_map *) (unsigned long) r1;
> + void *key = (void *) (unsigned long) r2;
> + void *value;
> +
> + WARN_ON_ONCE(!rcu_read_lock_held());
> +
> + value = map->ops->map_lookup_elem(map, key);
> +
> + /* lookup() returns either pointer to element value or NULL
> + * which is the meaning of PTR_TO_MAP_VALUE_OR_NULL type
> + */
> + return (unsigned long) value;
> +}

You should translate this into a true boolean '1' or '0' value so that
kernel pointers don't propagate to the user or his eBPF programs.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Josh Triplett: "Re: [PATCH 2/2] groups: Allow unprivileged processes to use setgroups to drop groups"
Previous message: Thomas Gleixner: "Re: [PATCH v2] x86, mm: set NX across entire PMD at boot"
Next in thread: Alexei Starovoitov: "Re: [PATCH v2 net-next 6/7] bpf: allow eBPF programs to use maps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]