[3.8.y.z extended stable] Patch "s390/bpf, jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Mon Jun 16 23:43:59 UTC 2014


This is a note to let you know that I have just added a patch titled

    s390/bpf,jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH

to the linux-3.8.y-queue branch of the 3.8.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.8.y-queue

This patch is scheduled to be released in version 3.8.13.24.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.8.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From 8c9a0effcdc8703b91490f822d90de18dc89dd81 Mon Sep 17 00:00:00 2001
From: Martin Schwidefsky <schwidefsky at de.ibm.com>
Date: Fri, 25 Apr 2014 10:53:44 +0200
Subject: s390/bpf,jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH

commit 6e0de817594c61f3b392a9245deeb09609ec707d upstream.

The A register needs to be initialized to zero in the prolog if the
first instruction of the BPF program is BPF_S_LDX_B_MSH to prevent
leaking the content of %r5 to user space.

Signed-off-by: Martin Schwidefsky <schwidefsky at de.ibm.com>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 arch/s390/net/bpf_jit_comp.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c
index 5e92f47..ab9e3f4 100644
--- a/arch/s390/net/bpf_jit_comp.c
+++ b/arch/s390/net/bpf_jit_comp.c
@@ -242,7 +242,6 @@ static void bpf_jit_noleaks(struct bpf_jit *jit, struct sock_filter *filter)
 	case BPF_S_LD_W_IND:
 	case BPF_S_LD_H_IND:
 	case BPF_S_LD_B_IND:
-	case BPF_S_LDX_B_MSH:
 	case BPF_S_LD_IMM:
 	case BPF_S_LD_MEM:
 	case BPF_S_MISC_TXA:
--
1.9.1





More information about the kernel-team mailing list