diff options
| author | Roman Gushchin <guro@fb.com> | 2018-09-28 09:33:21 -0400 |
|---|---|---|
| committer | Daniel Borkmann <daniel@iogearbox.net> | 2018-09-28 09:50:23 -0400 |
| commit | 4288ea006c73e37c2a4f60dfaef20dd167b8df31 (patch) | |
| tree | 6e43c3f3344f8f54baed168fb23f16bffcf4c7aa /kernel | |
| parent | d4ce58082f206bf6e7d697380c7bc5480a8b0264 (diff) | |
bpf: harden flags check in cgroup_storage_update_elem()
cgroup_storage_update_elem() shouldn't accept any flags
argument values except BPF_ANY and BPF_EXIST to guarantee
the backward compatibility, had a new flag value been added.
Fixes: de9cbbaadba5 ("bpf: introduce cgroup storage maps")
Signed-off-by: Roman Gushchin <guro@fb.com>
Reported-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/bpf/local_storage.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/bpf/local_storage.c b/kernel/bpf/local_storage.c index 22ad967d1e5f..94126cbffc88 100644 --- a/kernel/bpf/local_storage.c +++ b/kernel/bpf/local_storage.c | |||
| @@ -129,7 +129,7 @@ static int cgroup_storage_update_elem(struct bpf_map *map, void *_key, | |||
| 129 | struct bpf_cgroup_storage *storage; | 129 | struct bpf_cgroup_storage *storage; |
| 130 | struct bpf_storage_buffer *new; | 130 | struct bpf_storage_buffer *new; |
| 131 | 131 | ||
| 132 | if (flags & BPF_NOEXIST) | 132 | if (flags != BPF_ANY && flags != BPF_EXIST) |
| 133 | return -EINVAL; | 133 | return -EINVAL; |
| 134 | 134 | ||
| 135 | storage = cgroup_storage_lookup((struct bpf_cgroup_storage_map *)map, | 135 | storage = cgroup_storage_lookup((struct bpf_cgroup_storage_map *)map, |