bpf: Check validity of link->type in bpf_link_show_fdinfo()
[ Upstream commit 8421d4c8762bd022cb491f2f0f7019ef51b4f0a7 ]
If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing
bpf_link_type_strs[link->type] may result in an out-of-bounds access.
To spot such missed invocations early in the future, checking the
validity of link->type in bpf_link_show_fdinfo() and emitting a warning
when such invocations are missed.
BUG=b/386034287
TEST=presubmit
RELEASE_NOTE=Fixed CVE-2024-53099 in the Linux kernel.
cos-patch: security-high
Change-Id: If076fba8157a01287a8e3336067cb16ed34c2df6
Signed-off-by: Hou Tao <houtao1@huawei.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20241024013558.1135167-3-houtao@huaweicloud.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Kernel CVE Triage Automation <cloud-image-kernel-cve-triage-automation@prod.google.com>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/89277
Reviewed-by: Arnav Kansal <rnv@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Kevin Berry <kpberry@google.com>
1 file changed
