From: Daniel Borkmann <[email protected]>
Date: Wed, 2 Sep 2015 14:00:36 +0200
> diag socket's sock_diag_put_filterinfo() dumps classic BPF programs
> upon request to user space (ss -0 -b). However, native eBPF programs
> attached to sockets (SO_ATTACH_BPF) cannot be dumped with this method:
>
> Their orig_prog is always NULL. However, sock_diag_put_filterinfo()
> unconditionally tries to access its filter length resp. wants to copy
> the filter insns from there. Internal cBPF to eBPF transformations
> attached to sockets don't have this issue, as orig_prog state is kept.
>
> It's currently only used by packet sockets. If we would want to add
> native eBPF support in the future, this needs to be done through
> a different attribute than PACKET_DIAG_FILTER to not confuse possible
> user space disassemblers that work on diag data.
>
> Fixes: 89aa075832b0 ("net: sock: allow eBPF programs to be attached to
> sockets")
> Signed-off-by: Daniel Borkmann <[email protected]>
Applied and queued up for -stable, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
