git.kernel.dk Git - linux-2.6-block.git/commit

author	Christophe Leroy <christophe.leroy@csgroup.eu>
	Sat, 16 Mar 2024 07:35:41 +0000 (08:35 +0100)
committer	Martin KaFai Lau <martin.lau@kernel.org>
	Mon, 18 Mar 2024 21:18:47 +0000 (14:18 -0700)
commit	c733239f8f530872a1f80d8c45dcafbaff368737
tree	bd2fb53ca8a95c663a415f5b8a5479b338cfa7fd	tree \| snapshot
parent	e3362acd796789dc0562eb1a3937007b0beb0c5b	commit \| diff

bpf: Check return from set_memory_rox()

arch_protect_bpf_trampoline() and alloc_new_pack() call
set_memory_rox() which can fail, leading to unprotected memory.

Take into account return from set_memory_rox() function and add
__must_check flag to arch_protect_bpf_trampoline().

Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/fe1c163c83767fde5cab31d209a4a6be3ddb3a73.1710574353.git.christophe.leroy@csgroup.eu
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>

arch/arm64/net/bpf_jit_comp.c		diff \| blob \| blame \| history
arch/x86/net/bpf_jit_comp.c		diff \| blob \| blame \| history
include/linux/bpf.h		diff \| blob \| blame \| history
kernel/bpf/bpf_struct_ops.c		diff \| blob \| blame \| history
kernel/bpf/core.c		diff \| blob \| blame \| history
kernel/bpf/trampoline.c		diff \| blob \| blame \| history
net/bpf/bpf_dummy_struct_ops.c		diff \| blob \| blame \| history