Message ID | 20240527153137.271933-1-alexghiti@rivosinc.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Series | [-fixes] bpf: resolve_btfids: Fix integer overflow when calling elf_update() |
On Mon, May 27, 2024 at 05:31:37PM +0200, Alexandre Ghiti wrote:
> The following error was encountered in [1]:
>
> FAILED elf_update(WRITE): no error

hi,
this fix got already in, check this patch:
https://patchwork.kernel.org/project/netdevbpf/patch/20240514070931.199694-1-friedrich.vock@gmx.de/

thanks,
jirka

>
> elf_update() returns the total size of the file which here happens to be
> a ~2.5GB vmlinux file: this size overflows the integer used to hold the
> return value of elf_update() and is then interpreted as being negative.
>
> So fix this by using the correct type expected by elf_update() which is
> off_t.
>
> Fixes: fbbb68de80a4 ("bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object")
> Link: https://bugzilla.kernel.org/show_bug.cgi?id=218887 [1]
> Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
> ---
> tools/bpf/resolve_btfids/main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/bpf/resolve_btfids/main.c b/tools/bpf/resolve_btfids/main.c > index d9520cb826b3..af393c7dee1f 100644 > --- a/tools/bpf/resolve_btfids/main.c > +++ b/tools/bpf/resolve_btfids/main.c > @@ -728,7 +728,7 @@ static int sets_patch(struct object *obj) > > static int symbols_patch(struct object *obj) > { > - int err; > + off_t err; > > if (__symbols_patch(obj, &obj->structs) || > __symbols_patch(obj, &obj->unions) ||
> --
> 2.39.2
>
Hi Jiri,

On Mon, May 27, 2024 at 6:00 PM Jiri Olsa <olsajiri@gmail.com> wrote:
>
> On Mon, May 27, 2024 at 05:31:37PM +0200, Alexandre Ghiti wrote:
> > The following error was encountered in [1]:
> >
> > FAILED elf_update(WRITE): no error
>
> hi,
> this fix got already in, check this patch:
> https://patchwork.kernel.org/project/netdevbpf/patch/20240514070931.199694-1-friedrich.vock@gmx.de/

Damn, I missed this.

If possible, I think that adding the link to the bug report (or at least the "FAILED elf_update(WRITE): no error" string) would make sense, since it is not a "potential" overflow anymore.

Thanks,

Alex

>
> thanks,
> jirka
>
> >
> > elf_update() returns the total size of the file which here happens to be
> > a ~2.5GB vmlinux file: this size overflows the integer used to hold the
> > return value of elf_update() and is then interpreted as being negative.
> >
> > So fix this by using the correct type expected by elf_update() which is
> > off_t.
> >
> > Fixes: fbbb68de80a4 ("bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object")
> > Link: https://bugzilla.kernel.org/show_bug.cgi?id=218887 [1]
> > Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
> > ---
> > tools/bpf/resolve_btfids/main.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tools/bpf/resolve_btfids/main.c b/tools/bpf/resolve_btfids/main.c > > index d9520cb826b3..af393c7dee1f 100644 > > --- a/tools/bpf/resolve_btfids/main.c > > +++ b/tools/bpf/resolve_btfids/main.c > > @@ -728,7 +728,7 @@ static int sets_patch(struct object *obj) > > > > static int symbols_patch(struct object *obj) > > { > > - int err; > > + off_t err; > > > > if (__symbols_patch(obj, &obj->structs) || > > __symbols_patch(obj, &obj->unions) ||
> > --
> > 2.39.2
> >
diff --git a/tools/bpf/resolve_btfids/main.c b/tools/bpf/resolve_btfids/main.c index d9520cb826b3..af393c7dee1f 100644 --- a/tools/bpf/resolve_btfids/main.c +++ b/tools/bpf/resolve_btfids/main.c @@ -728,7 +728,7 @@ static int sets_patch(struct object *obj) static int symbols_patch(struct object *obj) { - int err; + off_t err; if (__symbols_patch(obj, &obj->structs) || __symbols_patch(obj, &obj->unions) ||
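Review bot: With "off_t err;" at the top of symbols_patch(), the local is now wider than the function's own "static int" return type, so any "return err;" further down (outside this hunk) would narrow the value back to int and reintroduce the sign problem the commit message describes. Please confirm the return path reduces the elf_update() result to a plain status value instead of passing it through. Since the commit message says the value being held is a file size, a separate off_t local named for what it holds, with "int err" kept for status codes, would also make the failure check easier to read than a size stored in a variable called err.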
The following error was encountered in [1]:

FAILED elf_update(WRITE): no error

elf_update() returns the total size of the file which here happens to be
a ~2.5GB vmlinux file: this size overflows the integer used to hold the
return value of elf_update() and is then interpreted as being negative.

So fix this by using the correct type expected by elf_update() which is
off_t.

Fixes: fbbb68de80a4 ("bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=218887 [1]
Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
---
tools/bpf/resolve_btfids/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)