Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp1508827pxb; Thu, 14 Apr 2022 07:41:14 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzbUGVH0ucqXURPbr/Ps2ynLVJUbTzQgDnS0PUVwoEgLkeNFaMswpUzJBbgDlKxHKqGScda X-Received: by 2002:a05:6402:27c7:b0:41b:51ca:f542 with SMTP id c7-20020a05640227c700b0041b51caf542mr3424263ede.149.1649947274256; Thu, 14 Apr 2022 07:41:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649947274; cv=none; d=google.com; s=arc-20160816; b=N22jlGbrnfuc8DT+r5eJfOkO8dN0YW6/twkj9yfCw68sDon/Wb1T3Eh81u2Z8Tn9Rt 8tsLl3nYu9LrzCdDWWdKqOxss/Snd4M8hHPM6y6JvWf8Xorg51NP15X0o0OcmK6EuxI+ ZyB5VpOMj1yf4/B/ivkCoCz3uSLW9jDktZhS/s7xS3cF6V1D9bfTRoyWrwwLLLenhWJ8 X8xQnHMQPjxhiCVC6nhsKRLroXn9Ie6tr35U2vhVRMwEsTpYzvWrc6mwaB0MepqIeSYV 6QI6rO7WKpcmptwX5rcec7KTHNxTqJu4nX6NUGzuEDv1C314cVtxoNyJHoPks1zx+u0D r7NQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=ulZD6zNnI3E2tVgbP2ay2zB6j2x9YR9+l3/69/Ua3pA=; b=aZFeoZFyttiUGFTE1IhlnC7xgkV/OgD2urZ/hEjrSfaG8P7YQrdtejM6Xl5v7C90Xp /i2vSSIDIdDzsZ+xggyVlxaFyCTn3x+Q3NL+JoWxmoqe2KW451sxMCh0IDM8C8zgkVg0 OZT1p2IBZx9gQU2pENoIvLyw786+fFOCwIYzneR57DTopd0cNEkYtt3pq+NgskIfxVE4 hA4m24MXgpixvVzSupev5Rop5qxxEyjw9Tj6jKS2J8xNXryf8n6tr8zpaNnD1jtlLz9F YWioNnVK1mTzTWGbt8YMLVhr59tGNqiFExCyucZbEyiqnNYYO7Fw71iSwNKswJ9UCuX+ 3grg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=JLd5puMQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r13-20020a05640251cd00b0041d7b3460d0si4249026edd.159.2022.04.14.07.40.39; Thu, 14 Apr 2022 07:41:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=JLd5puMQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238337AbiDMT3v (ORCPT + 99 others); Wed, 13 Apr 2022 15:29:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34640 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238317AbiDMT3k (ORCPT ); Wed, 13 Apr 2022 15:29:40 -0400 Received: from mail-pl1-x633.google.com (mail-pl1-x633.google.com [IPv6:2607:f8b0:4864:20::633]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41A5B72E1D for ; Wed, 13 Apr 2022 12:27:17 -0700 (PDT) Received: by mail-pl1-x633.google.com with SMTP id n18so2792806plg.5 for ; Wed, 13 Apr 2022 12:27:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=ulZD6zNnI3E2tVgbP2ay2zB6j2x9YR9+l3/69/Ua3pA=; b=JLd5puMQf6492ML/dyNY6TKWLx7/9ZIuCpo4/MdsTOmTLArTtUAHSBUUksMMpNsbUg JKoMefN2Xhc4AQ40Oj/ty6rADytP+hgT6kUGvT/+DME34D1YFAeq1NkGOZwC2LD/nH7A UROiFTo0esSJrW/PMu2+jyzk+RilmC4re7wIb6Zj+9vn95TEcRuBhlxaxDMhY3k2FK9Z JF9sAJzfofpZ9TQMjkyuueU/pkYZfnd4WssWZzBXW8PLxVwodjar5qU85Jw0zbjCixvV UNSLduY+bWJgbHcYb6l5xShpVPyjY5c/TLwd1mNzgdN8nvRmYBPxs/1Sb65pSM4TrGJT 8Ahw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=ulZD6zNnI3E2tVgbP2ay2zB6j2x9YR9+l3/69/Ua3pA=; b=Dk6gT9e/NWuxbT3lb7PECFN4lnzx5RUJnh+avYSWvKuTiVgLrmBTf2Pp6B2l2moeIo r4fRh52ZPsGR6HjP7AFkkMWwp8vh5KFszIRWJI8astt36zdLoBFqP6eCKD1+ovtfqtUE 615Imp4WIMMcVVr5je4N6bBQptUnhH0E5yppxtO+XDbE9GvEeUcuMfqEegAESzudJURm MRKp/TlX8DTf9nxNBOME9i4soyx+43JqJiL4qSE1QYYUm1JJbloi5zzze5lG+gfJTHmD xwsL+69NSNZqzLYQO78AXAjdgwd2MSM8694xy/VQ7iqDiu2fHxUMm96inJNXArG/AjEK 7xxA== X-Gm-Message-State: AOAM530GTQ20lodR3annYOTOgdYzUNwJdGDrtRO1CIZp6wn6UnZ+RlsF AtFwjwwVzTBTdxoYsezQQhxwlA== X-Received: by 2002:a17:90a:454a:b0:1ca:91c7:df66 with SMTP id r10-20020a17090a454a00b001ca91c7df66mr288235pjm.186.1649878036766; Wed, 13 Apr 2022 12:27:16 -0700 (PDT) Received: from [192.168.254.17] ([50.39.160.154]) by smtp.gmail.com with ESMTPSA id v16-20020aa78090000000b0050583cb0adbsm18978259pff.196.2022.04.13.12.27.15 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 13 Apr 2022 12:27:16 -0700 (PDT) Message-ID: Date: Wed, 13 Apr 2022 12:27:15 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 Subject: Re: [PATCH] bpf: Fix KASAN use-after-free Read in compute_effective_progs Content-Language: en-US To: Andrii Nakryiko Cc: bpf , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Networking , linux- stable , open list , syzbot+f264bffdfbd5614f3bb2@syzkaller.appspotmail.com References: <20220405170356.43128-1-tadeusz.struk@linaro.org> From: Tadeusz Struk In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 4/13/22 12:07, Andrii Nakryiko wrote: >> it would be ideal if detach would never fail, but it would require some kind of >> prealloc, on attach maybe? Another option would be to minimize the probability > We allocate new arrays in update_effective_progs() under assumption > that we might need to grow the array because we use > update_effective_progs() for attachment. But for detachment we know > that we definitely don't need to increase the size, we need to remove > existing element only, thus shrinking the size. > > Normally we'd reallocate the array to shrink it (and that's why we use > update_effective_progs() and allocate memory), but we can also have a > fallback path for detachment only to reuse existing effective arrays > and just shift all the elements to the right from the element that's > being removed. We'll leave NULL at the end, but that's much better > than error out. Subsequent attachment or detachment will attempt to > properly size and reallocate everything. > > So I think that should be the fix, if you'd be willing to work on it. That makes it much easier then. I will change it so that there is no alloc needed on the detach path. Thanks for the clarification. -- Thanks, Tadeusz