bpf: allow wide aligned loads for bpf_sock_addr user_ip6 and msg_src_ip6

author Stanislav Fomichev <sdf@google.com>

Mon, 15 Jul 2019 16:39:53 +0000 (09:39 -0700)

committer Daniel Borkmann <daniel@iogearbox.net>

Mon, 15 Jul 2019 21:15:53 +0000 (23:15 +0200)
author Stanislav Fomichev <sdf@google.com>
Mon, 15 Jul 2019 16:39:53 +0000 (09:39 -0700)
committer Daniel Borkmann <daniel@iogearbox.net>
Mon, 15 Jul 2019 21:15:53 +0000 (23:15 +0200)
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h

index 6f68438aa4edd98114b825f1aaf036115e5c728a..81be929b89fc5eec7be0368727223f7117066a2e 100644 (file)
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -3248,7 +3248,7 @@ struct bpf_sock_addr {
         __u32 user_ip4;         /* Allows 1,2,4-byte read and 4-byte write.
                                  * Stored in network byte order.
                                  */
-       __u32 user_ip6[4];      /* Allows 1,2,4-byte read and 4,8-byte write.
+       __u32 user_ip6[4];      /* Allows 1,2,4,8-byte read and 4,8-byte write.
                                  * Stored in network byte order.
                                  */
         __u32 user_port;        /* Allows 4-byte read and write.
@@ -3260,7 +3260,7 @@ struct bpf_sock_addr {
         __u32 msg_src_ip4;      /* Allows 1,2,4-byte read and 4-byte write.
                                  * Stored in network byte order.
                                  */
-       __u32 msg_src_ip6[4];   /* Allows 1,2,4-byte read and 4,8-byte write.
+       __u32 msg_src_ip6[4];   /* Allows 1,2,4,8-byte read and 4,8-byte write.
                                  * Stored in network byte order.
                                  */
         __bpf_md_ptr(struct bpf_sock *, sk);
diff --git a/net/core/filter.c b/net/core/filter.c

index c5983ddb1a9f48dc1a259c270ce620d98e79a227..0f6854ccf8949f131f7e229d552f9f947dc205a2 100644 (file)
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -6884,9 +6884,19 @@ static bool sock_addr_is_valid_access(int off, int size,
         case bpf_ctx_range(struct bpf_sock_addr, msg_src_ip4):
         case bpf_ctx_range_till(struct bpf_sock_addr, msg_src_ip6[0],
                                 msg_src_ip6[3]):
-               /* Only narrow read access allowed for now. */
                 if (type == BPF_READ) {
                         bpf_ctx_record_field_size(info, size_default);
+
+                       if (bpf_ctx_wide_access_ok(off, size,
+                                                  struct bpf_sock_addr,
+                                                  user_ip6))
+                               return true;
+
+                       if (bpf_ctx_wide_access_ok(off, size,
+                                                  struct bpf_sock_addr,
+                                                  msg_src_ip6))
+                               return true;
+
                         if (!bpf_ctx_narrow_access_ok(off, size, size_default))
                                 return false;
                 } else {
author	Stanislav Fomichev <sdf@google.com>
	Mon, 15 Jul 2019 16:39:53 +0000 (09:39 -0700)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Mon, 15 Jul 2019 21:15:53 +0000 (23:15 +0200)
include/uapi/linux/bpf.h		patch \| blob \| blame \| history
net/core/filter.c		patch \| blob \| blame \| history