From 9fab7c81ecd462ce6aa1eabd24b230f0fc6a14c7 Mon Sep 17 00:00:00 2001 From: Yucong Sun Date: Mon, 20 Dec 2021 13:12:47 -0800 Subject: [PATCH] ci: Add a step to patch kernel with temporary fixes Apply a custom set of patches against bpf-next kernel tree before building vmlinux image. --- .github/actions/vmtest/action.yml | 5 +++ travis-ci/diffs/.do_not_use_dot_patch_here | 0 .../001-fix-oob-write-in-test_verifier.diff | 35 +++++++++++++++++++ 3 files changed, 40 insertions(+) create mode 100644 travis-ci/diffs/.do_not_use_dot_patch_here create mode 100644 travis-ci/diffs/001-fix-oob-write-in-test_verifier.diff diff --git a/.github/actions/vmtest/action.yml b/.github/actions/vmtest/action.yml index 2f86607..1bb52c6 100644 --- a/.github/actions/vmtest/action.yml +++ b/.github/actions/vmtest/action.yml @@ -33,6 +33,11 @@ runs: repo: 'https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git' rev: ${{ env.CHECKPOINT }} dest: '${{ github.workspace }}/.kernel' + - name: Patch kernel source + uses: libbpf/ci/patch-kernel@master + with: + patches-root: '${{ github.workspace }}/travis-ci/diffs' + repo-root: '.kernel' - name: Prepare to build BPF selftests shell: bash run: | diff --git a/travis-ci/diffs/.do_not_use_dot_patch_here b/travis-ci/diffs/.do_not_use_dot_patch_here new file mode 100644 index 0000000..e69de29 diff --git a/travis-ci/diffs/001-fix-oob-write-in-test_verifier.diff b/travis-ci/diffs/001-fix-oob-write-in-test_verifier.diff new file mode 100644 index 0000000..eb5ef26 --- /dev/null +++ b/travis-ci/diffs/001-fix-oob-write-in-test_verifier.diff @@ -0,0 +1,35 @@ +From: Kumar Kartikeya Dwivedi +To: bpf@vger.kernel.org +Cc: Alexei Starovoitov , + Daniel Borkmann , + Andrii Nakryiko +Subject: [PATCH bpf-next] selftests/bpf: Fix OOB write in test_verifier +Date: Tue, 14 Dec 2021 07:18:00 +0530 [thread overview] +Message-ID: <20211214014800.78762-1-memxor@gmail.com> (raw) + +The commit referenced below added fixup_map_timer support (to create a +BPF map containing timers), but failed to increase the size of the +map_fds array, leading to out of bounds write. Fix this by changing +MAX_NR_MAPS to 22. + +Fixes: e60e6962c503 ("selftests/bpf: Add tests for restricted helpers") +Signed-off-by: Kumar Kartikeya Dwivedi +--- + tools/testing/selftests/bpf/test_verifier.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c +index ad5d30bafd93..33e2ecb3bef9 100644 +--- a/tools/testing/selftests/bpf/test_verifier.c ++++ b/tools/testing/selftests/bpf/test_verifier.c +@@ -54,7 +54,7 @@ + #define MAX_INSNS BPF_MAXINSNS + #define MAX_TEST_INSNS 1000000 + #define MAX_FIXUPS 8 +-#define MAX_NR_MAPS 21 ++#define MAX_NR_MAPS 22 + #define MAX_TEST_RUNS 8 + #define POINTER_VALUE 0xcafe4all + #define TEST_DATA_LEN 64 +-- +2.34.1