selftest/bpf: Test for use-after-free bug fix in inline_bpf_loop - kernel

diff options

author	Eduard Zingerman <[email protected]>	2022-06-24 02:06:13 +0000
committer	Daniel Borkmann <[email protected]>	2022-06-24 14:51:00 +0000
commit	41188e9e9defa1678abbf860ad7f6dd1ba48ad1c (patch)
tree	5dce891137cb76dba82aeaae93a6d3d990e6f75a /tools/lib/bpf/bpf.c
parent	bpf: Fix for use-after-free bug in inline_bpf_loop (diff)
download	kernel-41188e9e9defa1678abbf860ad7f6dd1ba48ad1c.tar.gz kernel-41188e9e9defa1678abbf860ad7f6dd1ba48ad1c.zip

selftest/bpf: Test for use-after-free bug fix in inline_bpf_loop

This test verifies that bpf_loop() inlining works as expected when address of `env->prog` is updated. This address is updated upon BPF program reallocation. Reallocation is handled by bpf_prog_realloc(), which reuses old memory if page boundary is not crossed. The value of `len` in the test is chosen to cross this boundary on bpf_loop() patching. Verify that the use-after-free bug in inline_bpf_loop() reported by Dan Carpenter is fixed. Signed-off-by: Eduard Zingerman <[email protected]> Signed-off-by: Daniel Borkmann <[email protected]> Link: https://lore.kernel.org/bpf/[email protected]

Diffstat (limited to 'tools/lib/bpf/bpf.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: