[DO NOT MERGE] 0.23.1 + StackRox patches#97
Draft
Stringy wants to merge 25 commits intoupstream-mainfrom
Draft
Conversation
…ing due to integer overflow Add validation in ppm_cmsg_nxthdr to ensure cmsg_aligned_len is at least sizeof(ppm_cmsghdr) after alignment calculation. This prevents an infinite loop when malformed ancillary data contains cmsg_len = 0xFFFFFFFFFFFFFFFF, which causes integer overflow in PPM_CMSG_ALIGN macro, resulting in cmsg_aligned_len = 0 and preventing forward progress in the loop. Signed-off-by: Francesco Emmi <francesco.emmi@sysdig.com>
Guard against invalid `cmsg_len` values while accessing control messages in ancillary data. This is achieved by checking there is enough space between the current control message and the end of the buffer to hold both the current control message and the next one. This change sync the implementation of `ppm_cmsg_nxthdr()` with the current glibc implementation: https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/cmsg_nxthdr.c;h=0e602a16053ed6742ea1556d75de8540e49157f1;hb=170550da27f68a08589e91b541883dcc58dee640 Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
Signed-off-by: Roberto Scolaro <roberto.scolaro21@gmail.com>
Signed-off-by: irozzo-1A <iacopo@sysdig.com>
Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
Optimization for scanning, filter out those file descriptors that are not socket fds.
Introduce the interesting_subsys set to configure which cgroup subsystems are going to be considered in set_cgroups.
Signed-off-by: Matthew Knight <matthew.knight@sysdig.com>
Signed-off-by: Matthew Knight <matthew.knight@sysdig.com>
Signed-off-by: Afsan Hossain <84701952+mdafsanhossain@users.noreply.github.com>
Allow to log ASSERT failure instead of hard stopping on it. The change also enables ASSERT logging in the Release mode on debug logging level to give more information when troubleshooting.
Experiment with disabling trusted exepath to verify stackrox tests
There is an unexpected difference betweek kernels compiled with gcc and
clang. The former one doesn't support rcu attributes yet, meaning that
READ_TASK_FIELD_INFO on task->cred produces PTR_TO_BTF_ID. The latter
one does support rcu attribute, and READ_TASK_FIELD_INFO ends up with
PTR_TO_BTF_ID | MEM_RCU | MAYBE_NULL [1]. COS seems to be using clang to
compile the kernel:
# from /boot/config
CONFIG_CC_VERSION_TEXT="Chromium OS 16.0_pre484197_p20230405-r12 clang version 16.0.0
(/var/tmp/portage/sys-devel/llvm-16.0_pre484197_p20230405-r12/work/llvm-16.0_pre484197_p20230405/clang 2916b99182752b1aece8cc4479d8d6a20b5e02da)"
The verifier doesn't like the
null part, and to fix it we need to break a chain of reading and verify
that the cred structure is not null.
[1]: https://lore.kernel.org/bpf/20230228040121.94253-3-alexei.starovoitov@gmail.com/
Along the way silence compiler warnings about task_cred
* Adapt the modern probe to clang 21 The code generated by clang 21 is more 'complex' and reaches 1000000 instructions on execve(). * Force casting size(r2) parameter to bpf_probe_read_user() ...otherwise, the compiler thinks that the calling convention allows to optimize unsigned truncation, a the verifier disagrees. * Decrease MAX_IOVCNT to satisfy the verifier on rhel
Stringy
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
Any specific area of the project related to this PR?
Does this PR require a change in the driver versions?
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: