[PATCH v3 bpf-next 0/2] bpf: Fix Null-Pointer Dereference in kernel_clone() via BPF fmod_ret on security_task_alloc

Feng Yang posted 2 patches 2 months ago
From: Feng Yang <yangfeng@kylinos.cn>

This patch set adds return value validation for fmod_ret
to prevent system crashes caused by incorrect return values.

Changes in v3:
- Do not move the code, and make some formatting changes. Thanks, Leon
  Hwang.
- Error injection always ensures that 0 is a valid return value. Thanks,
  Menglong Dong.
- Link to v2: https://lore.kernel.org/all/20260410061037.149532-1-yangfeng59949@163.com/
Changes in v2:
- Add validation for fault injection and include selftests. Thanks, Jiri
  Olsa, Jiayuan Chen.
- Link to v1: https://lore.kernel.org/all/20260408094816.228322-1-yangfeng59949@163.com/

Feng Yang (2):
  bpf: Fix Null-Pointer Dereference in kernel_clone() via BPF fmod_ret
    on security_task_alloc
  selftests/bpf: Add selftests for verifying return values of fmod_ret.

 kernel/bpf/verifier.c                         | 114 +++++++++++++++++-
 .../selftests/bpf/prog_tests/verifier.c       |   2 +
 .../bpf/progs/verifier_fmod_ret_return.c      |  59 +++++++++
 3 files changed, 173 insertions(+), 2 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_fmod_ret_return.c

-- 
2.43.0