Alexei Starovoitov ff936a04e5 bpf: fix cb access in socket filter programs ... eBPF socket filter programs may see junk in 'u32 cb[5]' area, since it could have been used by protocol layers earlier. For socket filter programs used in af_packet we need to clean 20 bytes of skb->cb area if it could be used by the program. For programs attached to TCP/UDP sockets we need to save/restore these 20 bytes, since it's used by protocol layers. Remove SK_RUN_FILTER macro, since it's no longer used. Long term we may move this bpf cb area to per-cpu scratch, but that requires addition of new 'per-cpu load/store' instructions, so not suitable as a short term fix. Fixes: d691f9e8d4 ("bpf: allow programs to write to certain skb fields") Reported-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Signed-off-by: David S. Miller <davem@davemloft.net>		2015-10-11 04:40:05 -07:00
..
arraymap.c	ebpf: include perf_event only where really needed	2015-10-05 07:04:08 -07:00
core.c	bpf: split state from prandom_u32() and consolidate {c, e}BPF prngs	2015-10-08 05:26:39 -07:00
hashtab.c	ebpf: constify various function pointer structs	2015-03-01 14:05:18 -05:00
helpers.c	bpf: split state from prandom_u32() and consolidate {c, e}BPF prngs	2015-10-08 05:26:39 -07:00
Makefile	ebpf: remove kernel test stubs	2015-03-01 14:05:18 -05:00
syscall.c	bpf: split state from prandom_u32() and consolidate {c, e}BPF prngs	2015-10-08 05:26:39 -07:00
verifier.c	bpf: fix cb access in socket filter programs	2015-10-11 04:40:05 -07:00