Commit 9f8e716d authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 

Pull bpf fixes from Daniel Borkmann:

 - Fix a mismatching RCU unlock flavor in bpf_out_neigh_v6 (Jiawei Ye)

 - Fix BPF sockmap with kTLS to reject vsock and unix sockets upon kTLS
   context retrieval (Zijian Zhang)

 - Fix BPF bits iterator selftest for s390x (Hou Tao)

* tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf:
  bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6
  bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
  selftests/bpf: Use -4095 as the bad address for bits iterator
parents c5f40451 fb86c42a

include/net/tls.h

+10 −2
Original line number Diff line number Diff line
@@ -390,8 +390,12 @@ tls_offload_ctx_tx(const struct tls_context *tls_ctx) 


static inline bool tls_sw_has_ctx_tx(const struct sock *sk)

{

	struct tls_context *ctx = tls_get_ctx(sk);

	struct tls_context *ctx;



	if (!sk_is_inet(sk) || !inet_test_bit(IS_ICSK, sk))

		return false;



	ctx = tls_get_ctx(sk);

	if (!ctx)

		return false;

	return !!tls_sw_ctx_tx(ctx);
@@ -399,8 +403,12 @@ static inline bool tls_sw_has_ctx_tx(const struct sock *sk) 


static inline bool tls_sw_has_ctx_rx(const struct sock *sk)

{

	struct tls_context *ctx = tls_get_ctx(sk);

	struct tls_context *ctx;



	if (!sk_is_inet(sk) || !inet_test_bit(IS_ICSK, sk))

		return false;



	ctx = tls_get_ctx(sk);

	if (!ctx)

		return false;

	return !!tls_sw_ctx_rx(ctx);

net/core/filter.c

+1 −1
Original line number Diff line number Diff line
@@ -2249,7 +2249,7 @@ static int bpf_out_neigh_v6(struct net *net, struct sk_buff *skb, 
		rcu_read_unlock();

		return ret;

	}

	rcu_read_unlock_bh();

	rcu_read_unlock();

	if (dst)

		IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);

out_drop:

tools/testing/selftests/bpf/progs/verifier_bits_iter.c

+28 −4
Original line number Diff line number Diff line
@@ -57,9 +57,15 @@ __description("null pointer") 
__success __retval(0)

int null_pointer(void)

{

	int nr = 0;

	struct bpf_iter_bits iter;

	int err, nr = 0;

	int *bit;



	err = bpf_iter_bits_new(&iter, NULL, 1);

	bpf_iter_bits_destroy(&iter);

	if (err != -EINVAL)

		return 1;



	bpf_for_each(bits, bit, NULL, 1)

		nr++;

	return nr;
@@ -194,15 +200,33 @@ __description("bad words") 
__success __retval(0)

int bad_words(void)

{

	void *bad_addr = (void *)(3UL << 30);

	int nr = 0;

	void *bad_addr = (void *)-4095;

	struct bpf_iter_bits iter;

	volatile int nr;

	int *bit;

	int err;



	err = bpf_iter_bits_new(&iter, bad_addr, 1);

	bpf_iter_bits_destroy(&iter);

	if (err != -EFAULT)

		return 1;



	nr = 0;

	bpf_for_each(bits, bit, bad_addr, 1)

		nr++;

	if (nr != 0)

		return 2;



	err = bpf_iter_bits_new(&iter, bad_addr, 4);

	bpf_iter_bits_destroy(&iter);

	if (err != -EFAULT)

		return 3;



	nr = 0;

	bpf_for_each(bits, bit, bad_addr, 4)

		nr++;

	if (nr != 0)

		return 4;



	return nr;

	return 0;

}