Message ID | 20230117223705.440975-1-jolsa@kernel.org (mailing list archive) |
---|---|
State | Accepted |
Commit | 700e6f853eb3977cd1cf172b717baa9daa328ea4 |
Delegated to: | BPF |
Headers | show |
Series | [PATCHv4,bpf-next,1/2] bpf: Do not allow to load sleepable BPF_TRACE_RAW_TP program | expand |
Context | Check | Description |
---|---|---|
bpf/vmtest-bpf-next-PR | success | PR summary |
bpf/vmtest-bpf-next-VM_Test-1 | success | Logs for ${{ matrix.test }} on ${{ matrix.arch }} with ${{ matrix.toolchain }} |
bpf/vmtest-bpf-next-VM_Test-2 | success | Logs for ShellCheck |
bpf/vmtest-bpf-next-VM_Test-3 | success | Logs for build for aarch64 with gcc |
bpf/vmtest-bpf-next-VM_Test-4 | success | Logs for build for aarch64 with llvm-16 |
bpf/vmtest-bpf-next-VM_Test-5 | fail | Logs for build for s390x with gcc |
bpf/vmtest-bpf-next-VM_Test-6 | success | Logs for build for x86_64 with gcc |
bpf/vmtest-bpf-next-VM_Test-7 | success | Logs for build for x86_64 with llvm-16 |
bpf/vmtest-bpf-next-VM_Test-8 | success | Logs for llvm-toolchain |
bpf/vmtest-bpf-next-VM_Test-9 | success | Logs for set-matrix |
netdev/tree_selection | success | Clearly marked for bpf-next |
netdev/apply | success | Patch already applied to bpf-next |
Hello: This series was applied to bpf/bpf-next.git (master) by Alexei Starovoitov <ast@kernel.org>: On Tue, 17 Jan 2023 23:37:04 +0100 you wrote: > Currently we allow to load any tracing program as sleepable, > but BPF_TRACE_RAW_TP can't sleep. Making the check explicit > for tracing programs attach types, so sleepable BPF_TRACE_RAW_TP > will fail to load. > > Updating the verifier error to mention iter programs as well. > > [...] Here is the summary with links: - [PATCHv4,bpf-next,1/2] bpf: Do not allow to load sleepable BPF_TRACE_RAW_TP program https://git.kernel.org/bpf/bpf-next/c/700e6f853eb3 - [PATCHv4,bpf-next,2/2] bpf/selftests: Add verifier tests for loading sleepable programs https://git.kernel.org/bpf/bpf-next/c/c0f264e4edb6 You are awesome, thank you!
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index fa4c911603e9..ca7db2ce70b9 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -16743,6 +16743,23 @@ BTF_ID(func, rcu_read_unlock_strict) #endif BTF_SET_END(btf_id_deny) +static bool can_be_sleepable(struct bpf_prog *prog) +{ + if (prog->type == BPF_PROG_TYPE_TRACING) { + switch (prog->expected_attach_type) { + case BPF_TRACE_FENTRY: + case BPF_TRACE_FEXIT: + case BPF_MODIFY_RETURN: + case BPF_TRACE_ITER: + return true; + default: + return false; + } + } + return prog->type == BPF_PROG_TYPE_LSM || + prog->type == BPF_PROG_TYPE_KPROBE; /* only for uprobes */ +} + static int check_attach_btf_id(struct bpf_verifier_env *env) { struct bpf_prog *prog = env->prog; @@ -16761,9 +16778,8 @@ static int check_attach_btf_id(struct bpf_verifier_env *env) return -EINVAL; } - if (prog->aux->sleepable && prog->type != BPF_PROG_TYPE_TRACING && - prog->type != BPF_PROG_TYPE_LSM && prog->type != BPF_PROG_TYPE_KPROBE) { - verbose(env, "Only fentry/fexit/fmod_ret, lsm, and kprobe/uprobe programs can be sleepable\n"); + if (prog->aux->sleepable && !can_be_sleepable(prog)) { + verbose(env, "Only fentry/fexit/fmod_ret, lsm, iter and uprobe programs can be sleepable\n"); return -EINVAL; }