| Message ID | 20240222021105.1180475-1-thinker.li@gmail.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Check cfi_stubs before registering a struct_ops type. | expand |
Hello: This series was applied to bpf/bpf-next.git (master) by Martin KaFai Lau <martin.lau@kernel.org>: On Wed, 21 Feb 2024 18:11:03 -0800 you wrote: > From: Kui-Feng Lee <thinker.li@gmail.com> > > Recently, cfi_stubs were introduced. However, existing struct_ops > types that are not in the upstream may not be aware of this, resulting > in kernel crashes. By rejecting struct_ops types that do not provide > cfi_stubs properly during registration, these crashes can be avoided. > > [...] Here is the summary with links: - [bpf-next,v5,1/2] bpf: Check cfi_stubs before registering a struct_ops type. https://git.kernel.org/bpf/bpf-next/c/3e0008336ae3 - [bpf-next,v5,2/2] selftests/bpf: Test case for lacking CFI stub functions. https://git.kernel.org/bpf/bpf-next/c/e9bbda13a7b8 You are awesome, thank you!
From: Kui-Feng Lee <thinker.li@gmail.com> Recently, cfi_stubs were introduced. However, existing struct_ops types that are not in the upstream may not be aware of this, resulting in kernel crashes. By rejecting struct_ops types that do not provide cfi_stubs properly during registration, these crashes can be avoided. --- Changes from v4: - Remove changes of check_member. - Remove checks of the pointers in cfi_stubs[]. Changes from v3: - Remove CFI stub function for get_info. - Allow passing NULL prog arg to check_member of struct bpf_struct_ops type. - Call check_member to determines if a CFI stub function should be defined for an operator. Changes from v2: - Add a stub function for get_info of struct tcp_congestion_ops. Changes from v1: - Check *(void **)(cfi_stubs + moff) to make sure stub functions are provided for every operator. - Add a test case to ensure that struct_ops rejects incomplete cfi_stub. v4: https://lore.kernel.org/all/20240221075213.2071454-1-thinker.li@gmail.com/ v3: https://lore.kernel.org/all/20240216193434.735874-1-thinker.li@gmail.com/ v2: https://lore.kernel.org/all/20240216020350.2061373-1-thinker.li@gmail.com/ v1: https://lore.kernel.org/all/20240215022401.1882010-1-thinker.li@gmail.com/ Kui-Feng Lee (2): bpf: Check cfi_stubs before registering a struct_ops type. selftests/bpf: Test case for lacking CFI stub functions. kernel/bpf/bpf_struct_ops.c | 5 ++ tools/testing/selftests/bpf/Makefile | 10 ++- .../selftests/bpf/bpf_test_no_cfi/Makefile | 19 +++++ .../bpf/bpf_test_no_cfi/bpf_test_no_cfi.c | 84 +++++++++++++++++++ .../bpf/prog_tests/test_struct_ops_no_cfi.c | 38 +++++++++ tools/testing/selftests/bpf/testing_helpers.c | 4 +- tools/testing/selftests/bpf/testing_helpers.h | 2 + 7 files changed, 159 insertions(+), 3 deletions(-) create mode 100644 tools/testing/selftests/bpf/bpf_test_no_cfi/Makefile create mode 100644 tools/testing/selftests/bpf/bpf_test_no_cfi/bpf_test_no_cfi.c create mode 100644 tools/testing/selftests/bpf/prog_tests/test_struct_ops_no_cfi.c