Re: [PATCH bpf v5] bpf: verifier: prevent userspace memory access
From: Alexei Starovoitov
Date: Sun Mar 24 2024 - 16:48:36 EST
On Sun, Mar 24, 2024 at 12:35 PM Puranjay Mohan <puranjay12@xxxxxxxxx> wrote:
>
> Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> writes:
>
> > On Sun, Mar 24, 2024 at 11:54 AM Puranjay Mohan <puranjay12@xxxxxxxxx> wrote:
> >>
> >> +u64 bpf_arch_uaddress_limit(void)
> >> +{
> >> + return max(TASK_SIZE_MAX + PAGE_SIZE, VSYSCALL_ADDR);
> >
> > This is broken. See my other email.
> > Sadly you didn't test it.
>
> Yes, sorry for this. I was relying on the CI for the test this time as
> thought it would work. I just realised this would reject all addresses!
>
> Given that the current x86-64 JIT just tests for TASK_SIZE_MAX +
> PAGE_SIZE can we go ahead with this and later fix it for VSYSCALL_ADDR
> as it is specific for x86-64?
This patch deletes a bunch of code from arch/x86/net/bpf_jit_comp.c.
If you're proposing to deal with vsyscall check in JIT then
very similar code in the same spot will be re-introduced.
So we should address all issues at once to avoid code churn.
> Also, I will spend some time figuring out the best way to do this, there
> should be some mathematical trick somewhere.
Let's think of it right now.
For the next patch you can reduce the cc list to avoid spamming all
mailing lists.
bpf@vger plus JIT folks for affected arches will be enough.