Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4288ea00 authored by Roman Gushchin's avatar Roman Gushchin Committed by Daniel Borkmann
Browse files

bpf: harden flags check in cgroup_storage_update_elem() 



cgroup_storage_update_elem() shouldn't accept any flags
argument values except BPF_ANY and BPF_EXIST to guarantee
the backward compatibility, had a new flag value been added.

Fixes: de9cbbaa ("bpf: introduce cgroup storage maps")
Signed-off-by: default avatarRoman Gushchin <guro@fb.com>
Reported-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
parent d4ce5808

kernel/bpf/local_storage.c

+1 −1
Original line number Diff line number Diff line
@@ -129,7 +129,7 @@ static int cgroup_storage_update_elem(struct bpf_map *map, void *_key, 
	struct bpf_cgroup_storage *storage;

	struct bpf_storage_buffer *new;



	if (flags & BPF_NOEXIST)

	if (flags != BPF_ANY && flags != BPF_EXIST)

		return -EINVAL;



	storage = cgroup_storage_lookup((struct bpf_cgroup_storage_map *)map,