Draft: CVE-2024-38566: bpf: Fix verifier assumptions about socket->sk
requested to merge redhat/red-hat-ci-tools/kernel/bot-branches/centos-stream-9:backport-RHEL-44161-centos-stream-9-main into main
JIRA: https://issues.redhat.com/browse/RHEL-44161
CVE: CVE-2024-38566
bpf: Fix verifier assumptions about socket->sk
The verifier assumes that 'sk' field in 'struct socket' is valid
and non-NULL when 'socket' pointer itself is trusted and non-NULL.
That may not be the case when socket was just created and
passed to LSM socket_accept hook.
Fix this verifier assumption and adjust tests.
Reported-by: Liam Wisehart <liamwisehart@meta.com>
Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Fixes: 6fcd486b3a0a ("bpf: Refactor RCU enforcement in the verifier.")
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/r/20240427002544.68803-1-alexei.starovoitov@gmail.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
(cherry picked from commit 0db63c0b86e981a1e97d2596d64ceceba1a5470e)Signed-off-by: cki-backport-bot cki-ci-bot+cki-gitlab-backport-bot@redhat.com