Skip to main content

Browse the archive

swh:1:snp:77163734605b0ec556b01d897b7bb4a7e30d46b6
Revision 92117d8443bc5afacc8d5ba82e541946310f106e authored by Alexei Starovoitov on 28 April 2016, 01:56:20 UTC, committed by David S. Miller on 28 April 2016, 21:29:45 UTC 
bpf: fix refcnt overflow
 
On a system with >32Gbyte of phyiscal memory and infinite RLIMIT_MEMLOCK,
the malicious application may overflow 32-bit bpf program refcnt.
It's also possible to overflow map refcnt on 1Tb system.
Impose 32k hard limit which means that the same bpf program or
map cannot be shared by more than 32k processes.

Fixes: 1be7f75d1668 ("bpf: enable non-root eBPF programs")
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent bd34cf6
History
Tip revision: a4412fdd49dc011bcc2c0d81ac4cab7457092650 authored by Steven Rostedt (Google) on 21 November 2022, 15:44:03 UTC
error-injection: Add prompt for function error injection
Tip revision: a4412fd
File Mode Size
Documentation
arch
block
certs
crypto
drivers
firmware
fs
include
init
ipc
kernel
lib
mm
net
samples
scripts
security
sound
tools
usr
virt
.get_maintainer.ignore -rw-r--r-- 31 bytes
.gitignore -rw-r--r-- 1.2 KB
.mailmap -rw-r--r-- 5.5 KB
COPYING -rw-r--r-- 18.3 KB
CREDITS -rw-r--r-- 95.4 KB
Kbuild -rw-r--r-- 2.6 KB
Kconfig -rw-r--r-- 252 bytes
MAINTAINERS -rw-r--r-- 344.5 KB
Makefile -rw-r--r-- 55.0 KB
README -rw-r--r-- 18.1 KB
REPORTING-BUGS -rw-r--r-- 7.3 KB

README

back to top