Eric Dumazet 06a22d897d bpf: fix access to skb_shared_info->gso_segs ... It is possible we reach bpf_convert_ctx_access() with si->dst_reg == si->src_reg Therefore, we need to load BPF_REG_AX before eventually mangling si->src_reg. syzbot generated this x86 code : 3: 55 push %rbp 4: 48 89 e5 mov %rsp,%rbp 7: 48 81 ec 00 00 00 00 sub $0x0,%rsp // Might be avoided ? e: 53 push %rbx f: 41 55 push %r13 11: 41 56 push %r14 13: 41 57 push %r15 15: 6a 00 pushq $0x0 17: 31 c0 xor %eax,%eax 19: 48 8b bf c0 00 00 00 mov 0xc0(%rdi),%rdi 20: 44 8b 97 bc 00 00 00 mov 0xbc(%rdi),%r10d 27: 4c 01 d7 add %r10,%rdi 2a: 48 0f b7 7f 06 movzwq 0x6(%rdi),%rdi // Crash 2f: 5b pop %rbx 30: 41 5f pop %r15 32: 41 5e pop %r14 34: 41 5d pop %r13 36: 5b pop %rbx 37: c9 leaveq 38: c3 retq Fixes: d9ff286a0f ("bpf: allow BPF programs access skb_shared_info->gso_segs field") Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>		2019-07-23 14:12:37 -07:00
..
bpf_sk_storage.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2019-06-17 20:20:36 -07:00
datagram.c	datagram: remove rendundant 'peeked' argument	2019-04-08 09:51:54 -07:00
datagram.h	net/core: Allow the compiler to verify declaration and definition consistency	2019-03-27 13:49:44 -07:00
dev_addr_lists.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
dev_ioctl.c	net/core: Document all dev_ioctl() arguments	2019-03-27 13:49:43 -07:00
dev.c	skbuff: increase verbosity when dumping skb data	2019-07-08 19:38:46 -07:00
devlink.c	devlink: Introduce PCI VF port flavour and port attribute	2019-07-09 12:02:13 -07:00
drop_monitor.c	treewide: Add SPDX license identifier for more missed files	2019-05-21 10:50:45 +02:00
dst_cache.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
dst.c	blackhole_netdev: use blackhole_netdev to invalidate dst entries	2019-07-01 19:34:46 -07:00
ethtool.c	net: ethtool: Allow parsing ETHER_FLOW types when using flow_rule	2019-06-27 09:38:17 -07:00
failover.c	failover: allow name change on IFF_UP slave interfaces	2019-04-10 22:12:26 -07:00
fib_notifier.c
fib_rules.c	SPDX update for 5.2-rc4	2019-06-08 12:52:42 -07:00
filter.c	bpf: fix access to skb_shared_info->gso_segs	2019-07-23 14:12:37 -07:00
flow_dissector.c	net/flow_dissector: add connection tracking dissection	2019-07-09 12:11:59 -07:00
flow_offload.c	net: flow_offload: add flow_block_cb_is_busy() and use it	2019-07-09 14:38:50 -07:00
gen_estimator.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
gen_stats.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
gro_cells.c	gro_cells: make sure device is up in gro_cells_receive()	2019-03-10 11:07:14 -07:00
hwbm.c	net: hwbm: Make the hwbm_pool lock a mutex	2019-06-09 19:40:10 -07:00
link_watch.c	net: link_watch: prevent starvation when processing linkwatch wq	2019-07-01 19:02:47 -07:00
lwt_bpf.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295	2019-06-05 17:36:38 +02:00
lwtunnel.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
Makefile	bpf: Introduce bpf sk local storage	2019-04-27 09:07:04 -07:00
neighbour.c	net: neigh: fix multiple neigh timer scheduling	2019-07-15 11:03:29 -07:00
net_namespace.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2019-07-11 10:55:49 -07:00
net-procfs.c	treewide: Switch printk users from %pf and %pF to %ps and %pS, respectively	2019-04-09 14:19:06 +02:00
net-sysfs.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
net-sysfs.h
net-traces.c	page_pool: add tracepoints for page_pool with details need by XDP	2019-06-19 11:23:13 -04:00
netclassid_cgroup.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
netevent.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
netpoll.c	net: ipv4: provide __rcu annotation for ifa_list	2019-06-02 18:08:36 -07:00
netprio_cgroup.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
page_pool.c	net: core: page_pool: add user refcnt and reintroduce page_pool_destroy	2019-07-08 14:58:04 -07:00
pktgen.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2019-06-07 11:00:14 -07:00
ptp_classifier.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295	2019-06-05 17:36:38 +02:00
request_sock.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
rtnetlink.c	rtnetlink: skip metrics loop for dst_default_metrics	2019-06-26 13:14:59 -07:00
scm.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
secure_seq.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
skbuff.c	skbuff: fix compilation warnings in skb_dump()	2019-07-16 14:12:06 -07:00
skmsg.c	bpf: sockmap/tls, close can race with map free	2019-07-22 16:04:17 +02:00
sock_diag.c
sock_map.c	bpf: sockmap, only create entry if ulp is not already enabled	2019-07-22 16:04:17 +02:00
sock_reuseport.c	bpf: net: Add SO_DETACH_REUSEPORT_BPF	2019-06-15 01:21:19 +02:00
sock.c	mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options	2019-07-12 11:05:46 -07:00
stream.c	tcp: reduce POLLOUT events caused by TCP_NOTSENT_LOWAT	2018-12-04 21:21:18 -08:00
sysctl_net_core.c	net: add high_order_alloc_disable sysctl/static key	2019-06-14 20:18:28 -07:00
timestamping.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61	2019-05-24 17:36:45 +02:00
tso.c
utils.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
xdp.c	net: core: page_pool: add user refcnt and reintroduce page_pool_destroy	2019-07-08 14:58:04 -07:00