summaryrefslogtreecommitdiff
path: root/include/linux/timerqueue.h
diff options
context:
space:
mode:
authorDaniel Borkmann <daniel@iogearbox.net>2026-06-01 18:02:46 +0300
committerAlexei Starovoitov <ast@kernel.org>2026-06-02 04:36:40 +0300
commit60214435b365ecdd40b2f96d4e54564b5c927645 (patch)
tree251bd434d4a43854d979ff2e7cd19f8ddcf5a46b /include/linux/timerqueue.h
parent61e084152328867fe2279cc790573aae39959cd5 (diff)
downloadlinux-60214435b365ecdd40b2f96d4e54564b5c927645.tar.xz
libbpf: Skip max_entries override on signed loaders
bpf_gen__map_create() lets the host-supplied loader ctx override a map's max_entries at runtime (map_desc[idx].max_entries, when non-zero). This is how the light skeleton sizes maps to the target machine, but it happens after emit_signature_match() and is covered by neither the signed loader instructions nor the hashed blob. For a signed loader this means an untrusted host can re-dimension the program's maps, outside what the signature attests to. Gate the override on gen_hash so signed loaders use the signer-provided max_entries baked into the blob. Fixes: ea923080c145 ("libbpf: Embed and verify the metadata hash in the loader") Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/r/20260601150248.394863-6-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'include/linux/timerqueue.h')
0 files changed, 0 insertions, 0 deletions