diff options
author | Stanislav Fomichev <sdf@google.com> | 2019-07-15 19:39:53 +0300 |
---|---|---|
committer | Daniel Borkmann <daniel@iogearbox.net> | 2019-07-16 00:15:53 +0300 |
commit | d4ecfeb15494ec261fef2d25d96eecba66f0b182 (patch) | |
tree | 88d1e6879448ca54b57b7ad17dfa3dc0753d0c3f /net | |
parent | b43995469e5804636a55372e9bbb17ccb22441c5 (diff) | |
download | linux-d4ecfeb15494ec261fef2d25d96eecba66f0b182.tar.xz |
bpf: allow wide aligned loads for bpf_sock_addr user_ip6 and msg_src_ip6
Add explicit check for u64 loads of user_ip6 and msg_src_ip6 and
update the comment.
Cc: Yonghong Song <yhs@fb.com>
Signed-off-by: Stanislav Fomichev <sdf@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/core/filter.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/net/core/filter.c b/net/core/filter.c index c5983ddb1a9f..0f6854ccf894 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -6884,9 +6884,19 @@ static bool sock_addr_is_valid_access(int off, int size, case bpf_ctx_range(struct bpf_sock_addr, msg_src_ip4): case bpf_ctx_range_till(struct bpf_sock_addr, msg_src_ip6[0], msg_src_ip6[3]): - /* Only narrow read access allowed for now. */ if (type == BPF_READ) { bpf_ctx_record_field_size(info, size_default); + + if (bpf_ctx_wide_access_ok(off, size, + struct bpf_sock_addr, + user_ip6)) + return true; + + if (bpf_ctx_wide_access_ok(off, size, + struct bpf_sock_addr, + msg_src_ip6)) + return true; + if (!bpf_ctx_narrow_access_ok(off, size, size_default)) return false; } else { |