Hello:
This series was applied to bpf/bpf.git (refs/heads/master):
On Fri, 22 Jan 2021 17:42:31 +0100 you wrote:
> A toctou issue in `__cgroup_bpf_run_filter_getsockopt` can trigger a
> WARN_ON_ONCE in a check of `copy_from_user`.
> `*optlen` is checked to be non-negative in the individual getsockopt
> functions beforehand. Changing `*optlen` in a race to a negative value
> will result in a `copy_from_user(ctx.optval, optval, ctx.optlen)` with
> `ctx.optlen` being a negative integer.
>
> [...]
Here is the summary with links:
- [1/2] bpf: cgroup: Fix optlen WARN_ON_ONCE toctou
https://git.kernel.org/bpf/bpf/c/bb8b81e396f7
- [2/2] bpf: cgroup: Fix problematic bounds check
https://git.kernel.org/bpf/bpf/c/f4a2da755a7e
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
