Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
Alexei Starovoitov says: ==================== pull-request: bpf 2020-05-15 The following pull-request contains BPF updates for your *net* tree. We've added 9 non-merge commits during the last 2 day(s) which contain a total of 14 files changed, 137 insertions(+), 43 deletions(-). The main changes are: 1) Fix secid_to_secctx LSM hook default value, from Anders. 2) Fix bug in mmap of bpf array, from Andrii. 3) Restrict bpf_probe_read to archs where they work, from Daniel. 4) Enforce returning 0 for fentry/fexit progs, from Yonghong. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
commit
8e1381049e
@ -112,6 +112,20 @@ used when printing stack backtraces. The specifier takes into
|
||||
consideration the effect of compiler optimisations which may occur
|
||||
when tail-calls are used and marked with the noreturn GCC attribute.
|
||||
|
||||
Probed Pointers from BPF / tracing
|
||||
----------------------------------
|
||||
|
||||
::
|
||||
|
||||
%pks kernel string
|
||||
%pus user string
|
||||
|
||||
The ``k`` and ``u`` specifiers are used for printing prior probed memory from
|
||||
either kernel memory (k) or user memory (u). The subsequent ``s`` specifier
|
||||
results in printing a string. For direct use in regular vsnprintf() the (k)
|
||||
and (u) annotation is ignored, however, when used out of BPF's bpf_trace_printk(),
|
||||
for example, it reads the memory it is pointing to without faulting.
|
||||
|
||||
Kernel Pointers
|
||||
---------------
|
||||
|
||||
|
@ -12,6 +12,7 @@ config ARM
|
||||
select ARCH_HAS_KEEPINITRD
|
||||
select ARCH_HAS_KCOV
|
||||
select ARCH_HAS_MEMBARRIER_SYNC_CORE
|
||||
select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
|
||||
select ARCH_HAS_PTE_SPECIAL if ARM_LPAE
|
||||
select ARCH_HAS_PHYS_TO_DMA
|
||||
select ARCH_HAS_SETUP_DMA_OPS
|
||||
|
@ -20,6 +20,7 @@ config ARM64
|
||||
select ARCH_HAS_KCOV
|
||||
select ARCH_HAS_KEEPINITRD
|
||||
select ARCH_HAS_MEMBARRIER_SYNC_CORE
|
||||
select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
|
||||
select ARCH_HAS_PTE_DEVMAP
|
||||
select ARCH_HAS_PTE_SPECIAL
|
||||
select ARCH_HAS_SETUP_DMA_OPS
|
||||
|
@ -68,6 +68,7 @@ config X86
|
||||
select ARCH_HAS_KCOV if X86_64
|
||||
select ARCH_HAS_MEM_ENCRYPT
|
||||
select ARCH_HAS_MEMBARRIER_SYNC_CORE
|
||||
select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
|
||||
select ARCH_HAS_PMEM_API if X86_64
|
||||
select ARCH_HAS_PTE_DEVMAP if X86_64
|
||||
select ARCH_HAS_PTE_SPECIAL
|
||||
|
@ -243,7 +243,7 @@ LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, char *name,
|
||||
char **value)
|
||||
LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t size)
|
||||
LSM_HOOK(int, 0, ismaclabel, const char *name)
|
||||
LSM_HOOK(int, 0, secid_to_secctx, u32 secid, char **secdata,
|
||||
LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata,
|
||||
u32 *seclen)
|
||||
LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid)
|
||||
LSM_HOOK(void, LSM_RET_VOID, release_secctx, char *secdata, u32 seclen)
|
||||
|
@ -2279,6 +2279,9 @@ config ASN1
|
||||
|
||||
source "kernel/Kconfig.locks"
|
||||
|
||||
config ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
|
||||
bool
|
||||
|
||||
config ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
|
||||
bool
|
||||
|
||||
|
@ -486,7 +486,12 @@ static int array_map_mmap(struct bpf_map *map, struct vm_area_struct *vma)
|
||||
if (!(map->map_flags & BPF_F_MMAPABLE))
|
||||
return -EINVAL;
|
||||
|
||||
return remap_vmalloc_range(vma, array_map_vmalloc_addr(array), pgoff);
|
||||
if (vma->vm_pgoff * PAGE_SIZE + (vma->vm_end - vma->vm_start) >
|
||||
PAGE_ALIGN((u64)array->map.max_entries * array->elem_size))
|
||||
return -EINVAL;
|
||||
|
||||
return remap_vmalloc_range(vma, array_map_vmalloc_addr(array),
|
||||
vma->vm_pgoff + pgoff);
|
||||
}
|
||||
|
||||
const struct bpf_map_ops array_map_ops = {
|
||||
|
@ -4340,7 +4340,9 @@ static void do_refine_retval_range(struct bpf_reg_state *regs, int ret_type,
|
||||
|
||||
if (ret_type != RET_INTEGER ||
|
||||
(func_id != BPF_FUNC_get_stack &&
|
||||
func_id != BPF_FUNC_probe_read_str))
|
||||
func_id != BPF_FUNC_probe_read_str &&
|
||||
func_id != BPF_FUNC_probe_read_kernel_str &&
|
||||
func_id != BPF_FUNC_probe_read_user_str))
|
||||
return;
|
||||
|
||||
ret_reg->smax_value = meta->msize_max_value;
|
||||
@ -7059,6 +7061,23 @@ static int check_return_code(struct bpf_verifier_env *env)
|
||||
return 0;
|
||||
range = tnum_const(0);
|
||||
break;
|
||||
case BPF_PROG_TYPE_TRACING:
|
||||
switch (env->prog->expected_attach_type) {
|
||||
case BPF_TRACE_FENTRY:
|
||||
case BPF_TRACE_FEXIT:
|
||||
range = tnum_const(0);
|
||||
break;
|
||||
case BPF_TRACE_RAW_TP:
|
||||
case BPF_MODIFY_RETURN:
|
||||
return 0;
|
||||
default:
|
||||
return -ENOTSUPP;
|
||||
}
|
||||
break;
|
||||
case BPF_PROG_TYPE_EXT:
|
||||
/* freplace program can return anything as its return value
|
||||
* depends on the to-be-replaced kernel func or bpf program.
|
||||
*/
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
|
@ -323,17 +323,15 @@ static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
|
||||
|
||||
/*
|
||||
* Only limited trace_printk() conversion specifiers allowed:
|
||||
* %d %i %u %x %ld %li %lu %lx %lld %lli %llu %llx %p %s
|
||||
* %d %i %u %x %ld %li %lu %lx %lld %lli %llu %llx %p %pks %pus %s
|
||||
*/
|
||||
BPF_CALL_5(bpf_trace_printk, char *, fmt, u32, fmt_size, u64, arg1,
|
||||
u64, arg2, u64, arg3)
|
||||
{
|
||||
int i, mod[3] = {}, fmt_cnt = 0;
|
||||
char buf[64], fmt_ptype;
|
||||
void *unsafe_ptr = NULL;
|
||||
bool str_seen = false;
|
||||
int mod[3] = {};
|
||||
int fmt_cnt = 0;
|
||||
u64 unsafe_addr;
|
||||
char buf[64];
|
||||
int i;
|
||||
|
||||
/*
|
||||
* bpf_check()->check_func_arg()->check_stack_boundary()
|
||||
@ -359,40 +357,71 @@ BPF_CALL_5(bpf_trace_printk, char *, fmt, u32, fmt_size, u64, arg1,
|
||||
if (fmt[i] == 'l') {
|
||||
mod[fmt_cnt]++;
|
||||
i++;
|
||||
} else if (fmt[i] == 'p' || fmt[i] == 's') {
|
||||
} else if (fmt[i] == 'p') {
|
||||
mod[fmt_cnt]++;
|
||||
if ((fmt[i + 1] == 'k' ||
|
||||
fmt[i + 1] == 'u') &&
|
||||
fmt[i + 2] == 's') {
|
||||
fmt_ptype = fmt[i + 1];
|
||||
i += 2;
|
||||
goto fmt_str;
|
||||
}
|
||||
|
||||
/* disallow any further format extensions */
|
||||
if (fmt[i + 1] != 0 &&
|
||||
!isspace(fmt[i + 1]) &&
|
||||
!ispunct(fmt[i + 1]))
|
||||
return -EINVAL;
|
||||
fmt_cnt++;
|
||||
if (fmt[i] == 's') {
|
||||
if (str_seen)
|
||||
/* allow only one '%s' per fmt string */
|
||||
return -EINVAL;
|
||||
str_seen = true;
|
||||
|
||||
switch (fmt_cnt) {
|
||||
case 1:
|
||||
unsafe_addr = arg1;
|
||||
arg1 = (long) buf;
|
||||
break;
|
||||
case 2:
|
||||
unsafe_addr = arg2;
|
||||
arg2 = (long) buf;
|
||||
break;
|
||||
case 3:
|
||||
unsafe_addr = arg3;
|
||||
arg3 = (long) buf;
|
||||
break;
|
||||
}
|
||||
buf[0] = 0;
|
||||
strncpy_from_unsafe(buf,
|
||||
(void *) (long) unsafe_addr,
|
||||
sizeof(buf));
|
||||
goto fmt_next;
|
||||
} else if (fmt[i] == 's') {
|
||||
mod[fmt_cnt]++;
|
||||
fmt_ptype = fmt[i];
|
||||
fmt_str:
|
||||
if (str_seen)
|
||||
/* allow only one '%s' per fmt string */
|
||||
return -EINVAL;
|
||||
str_seen = true;
|
||||
|
||||
if (fmt[i + 1] != 0 &&
|
||||
!isspace(fmt[i + 1]) &&
|
||||
!ispunct(fmt[i + 1]))
|
||||
return -EINVAL;
|
||||
|
||||
switch (fmt_cnt) {
|
||||
case 0:
|
||||
unsafe_ptr = (void *)(long)arg1;
|
||||
arg1 = (long)buf;
|
||||
break;
|
||||
case 1:
|
||||
unsafe_ptr = (void *)(long)arg2;
|
||||
arg2 = (long)buf;
|
||||
break;
|
||||
case 2:
|
||||
unsafe_ptr = (void *)(long)arg3;
|
||||
arg3 = (long)buf;
|
||||
break;
|
||||
}
|
||||
continue;
|
||||
|
||||
buf[0] = 0;
|
||||
switch (fmt_ptype) {
|
||||
case 's':
|
||||
#ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
|
||||
strncpy_from_unsafe(buf, unsafe_ptr,
|
||||
sizeof(buf));
|
||||
break;
|
||||
#endif
|
||||
case 'k':
|
||||
strncpy_from_unsafe_strict(buf, unsafe_ptr,
|
||||
sizeof(buf));
|
||||
break;
|
||||
case 'u':
|
||||
strncpy_from_unsafe_user(buf,
|
||||
(__force void __user *)unsafe_ptr,
|
||||
sizeof(buf));
|
||||
break;
|
||||
}
|
||||
goto fmt_next;
|
||||
}
|
||||
|
||||
if (fmt[i] == 'l') {
|
||||
@ -403,6 +432,7 @@ BPF_CALL_5(bpf_trace_printk, char *, fmt, u32, fmt_size, u64, arg1,
|
||||
if (fmt[i] != 'i' && fmt[i] != 'd' &&
|
||||
fmt[i] != 'u' && fmt[i] != 'x')
|
||||
return -EINVAL;
|
||||
fmt_next:
|
||||
fmt_cnt++;
|
||||
}
|
||||
|
||||
@ -825,14 +855,16 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
|
||||
return &bpf_probe_read_user_proto;
|
||||
case BPF_FUNC_probe_read_kernel:
|
||||
return &bpf_probe_read_kernel_proto;
|
||||
case BPF_FUNC_probe_read:
|
||||
return &bpf_probe_read_compat_proto;
|
||||
case BPF_FUNC_probe_read_user_str:
|
||||
return &bpf_probe_read_user_str_proto;
|
||||
case BPF_FUNC_probe_read_kernel_str:
|
||||
return &bpf_probe_read_kernel_str_proto;
|
||||
#ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
|
||||
case BPF_FUNC_probe_read:
|
||||
return &bpf_probe_read_compat_proto;
|
||||
case BPF_FUNC_probe_read_str:
|
||||
return &bpf_probe_read_compat_str_proto;
|
||||
#endif
|
||||
#ifdef CONFIG_CGROUPS
|
||||
case BPF_FUNC_get_current_cgroup_id:
|
||||
return &bpf_get_current_cgroup_id_proto;
|
||||
|
@ -2168,6 +2168,10 @@ char *fwnode_string(char *buf, char *end, struct fwnode_handle *fwnode,
|
||||
* f full name
|
||||
* P node name, including a possible unit address
|
||||
* - 'x' For printing the address. Equivalent to "%lx".
|
||||
* - '[ku]s' For a BPF/tracing related format specifier, e.g. used out of
|
||||
* bpf_trace_printk() where [ku] prefix specifies either kernel (k)
|
||||
* or user (u) memory to probe, and:
|
||||
* s a string, equivalent to "%s" on direct vsnprintf() use
|
||||
*
|
||||
* ** When making changes please also update:
|
||||
* Documentation/core-api/printk-formats.rst
|
||||
@ -2251,6 +2255,14 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr,
|
||||
if (!IS_ERR(ptr))
|
||||
break;
|
||||
return err_ptr(buf, end, ptr, spec);
|
||||
case 'u':
|
||||
case 'k':
|
||||
switch (fmt[1]) {
|
||||
case 's':
|
||||
return string(buf, end, ptr, spec);
|
||||
default:
|
||||
return error_string(buf, end, "(einval)", spec);
|
||||
}
|
||||
}
|
||||
|
||||
/* default is to _not_ leak addresses, hash before printing */
|
||||
|
@ -15,8 +15,6 @@
|
||||
#define MAX_INDEX 64
|
||||
#define MAX_STARS 38
|
||||
|
||||
char bpf_log_buf[BPF_LOG_BUF_SIZE];
|
||||
|
||||
static void stars(char *str, long val, long max, int width)
|
||||
{
|
||||
int i;
|
||||
|
@ -148,11 +148,11 @@ struct pt_regs;
|
||||
#define PT_REGS_PARM3_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[4])
|
||||
#define PT_REGS_PARM4_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[5])
|
||||
#define PT_REGS_PARM5_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[6])
|
||||
#define PT_REGS_RET_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), grps[14])
|
||||
#define PT_REGS_RET_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[14])
|
||||
#define PT_REGS_FP_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[11])
|
||||
#define PT_REGS_RC_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[2])
|
||||
#define PT_REGS_SP_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), gprs[15])
|
||||
#define PT_REGS_IP_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), pdw.addr)
|
||||
#define PT_REGS_IP_CORE(x) BPF_CORE_READ((PT_REGS_S390 *)(x), psw.addr)
|
||||
|
||||
#elif defined(bpf_target_arm)
|
||||
|
||||
|
@ -217,6 +217,14 @@ void test_mmap(void)
|
||||
|
||||
munmap(tmp2, 4 * page_size);
|
||||
|
||||
/* map all 4 pages, but with pg_off=1 page, should fail */
|
||||
tmp1 = mmap(NULL, 4 * page_size, PROT_READ, MAP_SHARED | MAP_FIXED,
|
||||
data_map_fd, page_size /* initial page shift */);
|
||||
if (CHECK(tmp1 != MAP_FAILED, "adv_mmap7", "unexpected success")) {
|
||||
munmap(tmp1, 4 * page_size);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
tmp1 = mmap(NULL, map_sz, PROT_READ, MAP_SHARED, data_map_fd, 0);
|
||||
if (CHECK(tmp1 == MAP_FAILED, "last_mmap", "failed %d\n", errno))
|
||||
goto cleanup;
|
||||
|
@ -30,13 +30,13 @@ int prog3(struct bpf_raw_tracepoint_args *ctx)
|
||||
SEC("fentry/__set_task_comm")
|
||||
int BPF_PROG(prog4, struct task_struct *tsk, const char *buf, bool exec)
|
||||
{
|
||||
return !tsk;
|
||||
return 0;
|
||||
}
|
||||
|
||||
SEC("fexit/__set_task_comm")
|
||||
int BPF_PROG(prog5, struct task_struct *tsk, const char *buf, bool exec)
|
||||
{
|
||||
return !tsk;
|
||||
return 0;
|
||||
}
|
||||
|
||||
char _license[] SEC("license") = "GPL";
|
||||
|
Loading…
Reference in New Issue
Block a user