We should mask the src/imm offset before performing the shift operation.
The following PoC program implies the differences between the specification and the implementation; the program, when executed in ubpf, will trigger undefined behavior since the shift offset overflows.
mov64 r8, 0x05454500   # shift count far beyond the 63 allowed for a 64-bit shift
arsh64 r8, r8          # spec masks the count with 63; ubpf shifts by the raw value
exit
In the upstream kernel eBPF specification, the offset of the arithmetic shift should be mask 0
In the interpreter of ubpf, the mask is missing for EBPF_OP_ARSH64 and EBPF_OP_ARSH
ubpf/vm/ubpf_vm.c, lines 572 to 577 (commit a6082a2)
ubpf/vm/ubpf_vm.c, lines 475 to 482 (commit a6082a2)
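As an added illustration (not ubpf's code and not from this issue), the shift helpers below apply the kernel's masking rule (count & 63 for the 64-bit ARSH, count & 31 for the 32-bit one, with the 32-bit result zero-extended), so the PoC's count of 0x05454500 yields a defined result instead of an out-of-range shift. The function names and the portable arithmetic-shift trick are assumptions for this example, not taken from the issue or the ubpf sources.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Portable arithmetic right shift, avoiding reliance on the implementation-defined
 * behaviour of >> on negative signed values. n must already be < 64. */
static uint64_t sar64(uint64_t x, unsigned n)
{
    if ((int64_t)x < 0)
        return ~((~x) >> n);      /* negative: shift ones in from the top */
    return x >> n;                 /* non-negative: plain logical shift */
}

/* 64-bit ARSH with the count masked to 0..63, as the kernel specification requires.
 * Any src/imm value, including the PoC's 0x05454500, is therefore well defined. */
uint64_t arsh64(uint64_t dst, uint64_t src)
{
    return sar64(dst, (unsigned)(src & 63));
}

/* 32-bit ARSH: count masked to 0..31, computed on the low 32 bits, result
 * zero-extended into the 64-bit register (eBPF 32-bit ALU semantics). */
uint64_t arsh32(uint64_t dst, uint64_t src)
{
    uint32_t lo = (uint32_t)dst;
    unsigned n = (unsigned)(src & 31);
    uint32_t r = ((int32_t)lo < 0) ? ~((~lo) >> n) : (lo >> n);
    return (uint64_t)r;
}

/* True when passing the raw count to >> would be undefined behaviour in C,
 * i.e. exactly the case an unmasked interpreter path mishandles. */
bool count_needs_mask(uint64_t src, unsigned width)
{
    return src >= width;
}

int main(void)
{
    uint64_t poc = 0x05454500;    /* constructed from the PoC: mov64 r8, 0x05454500; arsh64 r8, r8 */
    printf("raw count needs masking: %d\n", count_needs_mask(poc, 64));
    printf("arsh64(poc, poc) = 0x%llx\n", (unsigned long long)arsh64(poc, poc));
    printf("arsh64(-16, 66)  = %lld\n", (long long)(int64_t)arsh64((uint64_t)-16, 66));
    return 0;
}
```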