Re: [PATCH 11/18] maccess: remove strncpy_from_unsafe

From: Daniel Borkmann
Date: Thu May 14 2020 - 06:22:39 EST


On 5/14/20 12:01 PM, David Laight wrote:
[...]
> If it's not a stupid question why is a BPF program allowed to get
> into a situation where it might have an invalid kernel address?
>
> It all stinks of a hole that allows all of kernel memory to be read
> and copied to userspace.
>
> Now you might want to do something special so that BPF programs just
> abort on OOPS instead of possibly panicking the kernel.
> But that is different from a copy that expects to be passed garbage.

I suggest you read up on probe_kernel_read() and its uses in tracing in
general, looks like you haven't done that.