Received: by 2002:a05:7412:a9a2:b0:e2:908c:2ebd with SMTP id o34csp513365rdh;
        Thu, 26 Oct 2023 08:14:53 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IGCijkpDxHt7UIOpGst1bJX39TKDI7r6fqb7kQxdBnmORBEhTdvFqGwFcx+qHC/ET8W71H3
X-Received: by 2002:a05:690c:38b:b0:5a8:1ffe:eb4e with SMTP id bh11-20020a05690c038b00b005a81ffeeb4emr21832016ywb.34.1698333293598;
        Thu, 26 Oct 2023 08:14:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1698333293; cv=none;
        d=google.com; s=arc-20160816;
        b=rTDYraArCwPdWKlVJ/D3wgvJX9GSyjY2La4zE9nowFCEjEpvKh+LazZySgqX6cmh9o
         oKo2uE93gucc1k9nZGw5glwsPKdh5QxHKfABaKuiPbNF8pG+uKps0rTbcueJJG1HFPfU
         6CX1w9CPdx9Hywd3ib1q+qGSqccly4zO0GiEc9FiqAjwbo8zheqJdpvjmCngN3PwN8TB
         dmlbR8bPwDcCUCbAOhcETPSuvAngRNIDozcWA4/UsP5AikHSiDx6Rexfa3ysnYKGo2sM
         6FJNN19YNil1aYiXtlWEIPkbwqSq1DTlBQ4xK9SzoukRWr0JB1L+GDMfnQxtasK4qPKg
         gm0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:content-transfer-encoding:mime-version
         :message-id:date:subject:from:dkim-signature;
        bh=w2K3z0z5gFfUSAY8cI9K8dVfuvFeW0ry0Hfw9vGOpx8=;
        fh=wEBXkCY2ukhhRXhVifDp43GCnzawNYGLrV4OEZUeLUc=;
        b=O5oVkwLcoi7G/tzjU8A4RibBsxRP8GLfp2w6VGKjsYFhKS8tIjyy+o7pMuhYbTggqw
         liPqybJPKUoIReEasXqcuZfHYFS5PgyssKZzCt3JYOq2sepUNiS/qGkKnmOpdrkMDSz3
         dbpUCE/ulDAPVDSpGyVe4hDRx2Pdl05JvlrfhNgE6k01zWkgAGCXLM1TyqatgUoWUy8H
         rQwBq3/K9Hb5nm5PdJ5q6wEb97DE6Et7ZiRHyEEz+/cxlg9VbTYANN3+diqaWRwftLHf
         g1v+oZoTdMrqTRwn2XcQ4Twglw8wggoGu16x66v8w0K/F7t7Ey/PtoBK1jiIGzHSdXJt
         cGtA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=UthK9RLX;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33])
        by mx.google.com with ESMTPS id q184-20020a0de7c1000000b005a7b8eb60e6si14197275ywe.361.2023.10.26.08.14.53
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 26 Oct 2023 08:14:53 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=UthK9RLX;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by lipwig.vger.email (Postfix) with ESMTP id 959A682698FD;
	Thu, 26 Oct 2023 08:14:50 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345424AbjJZPOL (ORCPT <rfc822;gvb.lkml@gmail.com> + 99 others);
        Thu, 26 Oct 2023 11:14:11 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42492 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1345449AbjJZPN5 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 26 Oct 2023 11:13:57 -0400
Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8A27A1AA;
        Thu, 26 Oct 2023 08:13:55 -0700 (PDT)
Received: by mail-wm1-x32f.google.com with SMTP id 5b1f17b1804b1-40836ea8cbaso7683335e9.0;
        Thu, 26 Oct 2023 08:13:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1698333234; x=1698938034; darn=vger.kernel.org;
        h=cc:to:content-transfer-encoding:mime-version:message-id:date
         :subject:from:from:to:cc:subject:date:message-id:reply-to;
        bh=w2K3z0z5gFfUSAY8cI9K8dVfuvFeW0ry0Hfw9vGOpx8=;
        b=UthK9RLXAss9Uc34RsA3frDBn8hSUrlNkA8CBVuFwXRXQj0dRFsOF+U4ZlnmzAnv4D
         wzNPY6ileECGNEPYHS1AD7yfIeaskiqI2HozUic6+s3GMmQx9IeX/RqDAvsbT8DG1OuN
         p0eC+GdoLvdrs9hNI4ksvaIYYd+gBVdklEiYj2F9Vd3U0DvZX51GNXpK9gSMNZWJan75
         rpqRgkINlM4rdIxJpeuygusB4u231eATX/zDrOTE23f9Y9AQND6tSHBVnsuGDpBF5tES
         Inuv7AJ8WNDLl7+1ufU7cJYGyomcOTpnypccR7W/Qop0GIlf2Jo7Ed9i0p/qnbC1wv8f
         cbGA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1698333234; x=1698938034;
        h=cc:to:content-transfer-encoding:mime-version:message-id:date
         :subject:from:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=w2K3z0z5gFfUSAY8cI9K8dVfuvFeW0ry0Hfw9vGOpx8=;
        b=Mcpw6xBs8USQl+zi5UDl13zsyRdxLwPH+TIia35iSiC9ldy4bJKg5AAcPJLRQ8Tghr
         3XqzhXzZcD32dlaw8CoBJT64HT07ogduaqp57YQDXm5yr3T5koZ5KNGdtSDTkCpmuHWK
         0J15JB0xhs+vr01DXc8x2O8U7Gq2iAtJZNyTaf4eIMZITB1FGROpF4gNO8IhvqGHCKb7
         EFNuB7aPBDd0KIGUputQW2zQM+vJdSQAWo0eD443WO9KxwXGuyLw0lSqNvVEmxB6lNVy
         iqx2PIYVuftQJV3TG19KUzSsA+VYcYmbyYEXvQNSqDxvwu2wpb1QRsaBwFWcxW05RVsR
         uLag==
X-Gm-Message-State: AOJu0YyUr2c6zzqiXObAgpb7Y7j4YgoHNDPeu65VPmPNu0p5Eh9O90N0
        APhz3PuYNp9jyw8oMdUDpT29n2/vjQ==
X-Received: by 2002:a05:600c:154e:b0:408:403a:34dc with SMTP id f14-20020a05600c154e00b00408403a34dcmr39312wmg.37.1698333233516;
        Thu, 26 Oct 2023 08:13:53 -0700 (PDT)
Received: from amdsuplus2.inf.ethz.ch (amdsuplus2.inf.ethz.ch. [129.132.31.88])
        by smtp.gmail.com with ESMTPSA id p12-20020a05600c468c00b0040472ad9a3dsm2843778wmo.14.2023.10.26.08.13.52
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 26 Oct 2023 08:13:53 -0700 (PDT)
From:   Hao Sun <sunhao.th@gmail.com>
Subject: [PATCH bpf-next 0/2] bpf: Fix incorrect immediate spill
Date:   Thu, 26 Oct 2023 17:13:09 +0200
Message-Id: <20231026-fix-check-stack-write-v1-0-6b325ef3ce7e@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-B4-Tracking: v=1; b=H4sIAAWCOmUC/x2MUQqAIBAFrxL73YJZCHaV6MNsrSWwUKkguntLP
 wMD894DmRJThr56INHJmfco0tQV+NXFhZBncdBKt43SBgPf6FfyG+bihFfiQug7Za0xtpuDA9k
 eiST8fweYjoCR7gLj+34dH7TqcQAAAA==
To:     Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        John Fastabend <john.fastabend@gmail.com>,
        Andrii Nakryiko <andrii@kernel.org>,
        Martin KaFai Lau <martin.lau@linux.dev>,
        Song Liu <song@kernel.org>,
        Yonghong Song <yonghong.song@linux.dev>,
        KP Singh <kpsingh@kernel.org>,
        Stanislav Fomichev <sdf@google.com>,
        Hao Luo <haoluo@google.com>, Jiri Olsa <jolsa@kernel.org>,
        Mykola Lysenko <mykolal@fb.com>, Shuah Khan <shuah@kernel.org>,
        Eduard Zingerman <eddyz87@gmail.com>
Cc:     bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-kselftest@vger.kernel.org, Hao Sun <sunhao.th@gmail.com>
X-Mailer: b4 0.12.3
X-Developer-Signature: v=1; a=ed25519-sha256; t=1698333232; l=785;
 i=sunhao.th@gmail.com; s=20231009; h=from:subject:message-id;
 bh=hVtWhlWKiLNsK4TYgLnM0yAhs3/EIdWSD0x17NE3x9c=;
 b=2H7GmzLqjMdVeNw0YfwhoZY6qXRqYIpp46DpQQuOdRtHfXMGnuKNyu6wg+wOQJeOpW4DaB/X1
 l5c9ynjK6qNCwSXgTI+g3ShDQEGI8HgOnTCN6Vca4SHK5J5YcC8Ic0A
X-Developer-Key: i=sunhao.th@gmail.com; a=ed25519;
 pk=AHFxrImGtyqXOuw4f5xTNh4PGReb7hzD86ayyTZCXd4=
X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Thu, 26 Oct 2023 08:14:50 -0700 (PDT)

Immediate is incorrectly cast to u32 before being spilled, losing sign
information. The range information is incorrect after load again. Fix
immediate spill by remove the cast. The second patch add a test case
for this.

Signed-off-by: Hao Sun <sunhao.th@gmail.com>
---
Hao Sun (2):
      bpf: Fix check_stack_write_fixed_off() to correctly spill imm
      selftests/bpf: Add test for immediate spilled to stack

 kernel/bpf/verifier.c                             |  2 +-
 tools/testing/selftests/bpf/verifier/bpf_st_mem.c | 32 +++++++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)
---
base-commit: 399f6185a1c02f39bcadb8749bc2d9d48685816f
change-id: 20231026-fix-check-stack-write-c40996694dfa

Best regards,
-- 
Hao Sun <sunhao.th@gmail.com>