git.hungrycats.org Git - linux/commit

author	Andrii Nakryiko <andrii@kernel.org>
	Thu, 29 Aug 2024 17:42:23 +0000 (10:42 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 17 Oct 2024 13:22:06 +0000 (15:22 +0200)
commit	84887f4c1c3ae9364e51510c75eb2115c6cb4253
tree	3ce5a2df2ca48fb668fc53e8d5483056fd4b796e	tree \| snapshot
parent	fee9e01333aa2ecd19baa39467484f574decd675	commit \| diff

lib/buildid: harden build ID parsing logic

[ Upstream commit 905415ff3ffb1d7e5afa62bacabd79776bd24606 ]

Harden build ID parsing logic, adding explicit READ_ONCE() where it's
important to have a consistent value read and validated just once.

Also, as pointed out by Andi Kleen, we need to make sure that entire ELF
note is within a page bounds, so move the overflow check up and add an
extra note_size boundaries validation.

Fixes tag below points to the code that moved this code into
lib/buildid.c, and then subsequently was used in perf subsystem, making
this code exposed to perf_event_open() users in v5.12+.

Cc: stable@vger.kernel.org
Reviewed-by: Eduard Zingerman <eddyz87@gmail.com>
Reviewed-by: Jann Horn <jannh@google.com>
Suggested-by: Andi Kleen <ak@linux.intel.com>
Fixes: bd7525dacd7e ("bpf: Move stack_map_get_build_id into lib")
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/r/20240829174232.3133883-2-andrii@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>