Skip to content

Commit

Permalink
Revert "bpf: Reject indirect var_off stack access in unpriv mode"
Browse files Browse the repository at this point in the history 
ANBZ: torvalds#342

This reverts commit e232808.

Signed-off-by: Qiao Ma <mqaio@linux.alibaba.com>
Acked-by: Mao Wenan <wenan.mao@linux.alibaba.com>
Acked-by: Tony Lu <tonylu@linux.alibaba.com>
  • Loading branch information
@shiloong @maqiao-mq
shiloong authored and maqiao-mq committed Apr 20, 2022
1 parent 6647be9 commit fbba761
Showing 1 changed file with 0 additions and 13 deletions.
13 changes: 0 additions & 13 deletions kernel/bpf/verifier.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1812,19 +1812,6 @@ static int check_stack_boundary(struct bpf_verifier_env *env, int regno,
if (err)
return err;
} else {
/* Variable offset is prohibited for unprivileged mode for
* simplicity since it requires corresponding support in
* Spectre masking for stack ALU.
* See also retrieve_ptr_limit().
*/
if (!env->allow_ptr_leaks) {
char tn_buf[48];

tnum_strn(tn_buf, sizeof(tn_buf), reg->var_off);
verbose(env, "R%d indirect variable offset stack access prohibited for !root, var_off=%s\n",
regno, tn_buf);
return -EACCES;
}
/* Only initialized buffer on stack is allowed to be accessed
* with variable offset. With uninitialized buffer it's hard to
* guarantee that whole memory is marked as initialized on
Expand Down

0 comments on commit fbba761

Please sign in to comment.