| Message ID | 20221120212610.2361700-1-memxor@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | e181d3f143f7957a73c8365829249d8084602606 |
| Delegated to: | BPF |
| Headers | show |
| Series | [bpf-next] bpf: Disallow bpf_obj_new_impl call when bpf_mem_alloc_init fails | expand |
On Sun, Nov 20, 2022 at 1:26 PM Kumar Kartikeya Dwivedi <memxor@gmail.com> wrote: > > In the unlikely event that bpf_global_ma is not correctly initialized, > instead of checking the boolean everytime bpf_obj_new_impl is called, > simply check it while loading the program and return an error if > bpf_global_ma_set is false. > > Suggested-by: Alexei Starovoitov <ast@kernel.org> > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> > --- > kernel/bpf/helpers.c | 2 -- > kernel/bpf/verifier.c | 6 ++++++ > 2 files changed, 6 insertions(+), 2 deletions(-) > > diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c > index 89a95f3d854c..3d4edd314450 100644 > --- a/kernel/bpf/helpers.c > +++ b/kernel/bpf/helpers.c > @@ -1760,8 +1760,6 @@ void *bpf_obj_new_impl(u64 local_type_id__k, void *meta__ign) > u64 size = local_type_id__k; > void *p; > > - if (unlikely(!bpf_global_ma_set)) > - return NULL; > p = bpf_mem_alloc(&bpf_global_ma, size); > if (!p) > return NULL; > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c > index 5bc9d84d7924..ea36107deee0 100644 > --- a/kernel/bpf/verifier.c > +++ b/kernel/bpf/verifier.c > @@ -8878,6 +8878,12 @@ static int check_kfunc_call(struct bpf_verifier_env *env, struct bpf_insn *insn, > struct btf *ret_btf; > u32 ret_btf_id; > > + /* Unlikely, but fail the kfunc call if bpf_global_ma > + * is not initialized. > + */ > + if (!bpf_global_ma_set) > + return -ENOMEM; I removed the comment and added unlikely(). Comments should describe things that are not obvious from C code.
Hello: This patch was applied to bpf/bpf-next.git (master) by Alexei Starovoitov <ast@kernel.org>: On Mon, 21 Nov 2022 02:56:10 +0530 you wrote: > In the unlikely event that bpf_global_ma is not correctly initialized, > instead of checking the boolean everytime bpf_obj_new_impl is called, > simply check it while loading the program and return an error if > bpf_global_ma_set is false. > > Suggested-by: Alexei Starovoitov <ast@kernel.org> > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> > > [...] Here is the summary with links: - [bpf-next] bpf: Disallow bpf_obj_new_impl call when bpf_mem_alloc_init fails https://git.kernel.org/bpf/bpf-next/c/e181d3f143f7 You are awesome, thank you!
diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 89a95f3d854c..3d4edd314450 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -1760,8 +1760,6 @@ void *bpf_obj_new_impl(u64 local_type_id__k, void *meta__ign) u64 size = local_type_id__k; void *p; - if (unlikely(!bpf_global_ma_set)) - return NULL; p = bpf_mem_alloc(&bpf_global_ma, size); if (!p) return NULL; diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 5bc9d84d7924..ea36107deee0 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -8878,6 +8878,12 @@ static int check_kfunc_call(struct bpf_verifier_env *env, struct bpf_insn *insn, struct btf *ret_btf; u32 ret_btf_id; + /* Unlikely, but fail the kfunc call if bpf_global_ma + * is not initialized. + */ + if (!bpf_global_ma_set) + return -ENOMEM; + if (((u64)(u32)meta.arg_constant.value) != meta.arg_constant.value) { verbose(env, "local type ID argument must be in range [0, U32_MAX]\n"); return -EINVAL;
In the unlikely event that bpf_global_ma is not correctly initialized, instead of checking the boolean everytime bpf_obj_new_impl is called, simply check it while loading the program and return an error if bpf_global_ma_set is false. Suggested-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> --- kernel/bpf/helpers.c | 2 -- kernel/bpf/verifier.c | 6 ++++++ 2 files changed, 6 insertions(+), 2 deletions(-) -- 2.38.1