Skip to content
Commit f50b49a0 authored by KP Singh's avatar KP Singh Committed by Alexei Starovoitov
Browse files

bpf: btf: Fix arg verification in btf_ctx_access() 

The bounds checking for the arguments accessed in the BPF program breaks
when the expected_attach_type is not BPF_TRACE_FEXIT, BPF_LSM_MAC or
BPF_MODIFY_RETURN resulting in no check being done for the default case
(the programs which do not receive the return value of the attached
function in its arguments) when the index of the argument being accessed
is equal to the number of arguments (nr_args).

This was a result of a misplaced "else if" block  introduced by the
Commit 6ba43b76 ("bpf: Attachment verification for
BPF_MODIFY_RETURN")

Fixes: 6ba43b76

 ("bpf: Attachment verification for BPF_MODIFY_RETURN")
Reported-by: default avatarJann Horn <jannh@google.com>
Signed-off-by: default avatarKP Singh <kpsingh@google.com>
Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20200330144246.338-1-kpsingh@chromium.org
parent 0fc31b10
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment