The log buffer of common attributes would be confusing with the one in 'union bpf_attr' for BPF_PROG_LOAD.
In order to clarify the usage of these two log buffers, they both can be used for logging if: * They are same, including 'log_buf', 'log_level' and 'log_size'. * One of them is missing, then another one will be used for logging. If they both have 'log_buf' but they are not same totally, return -EUSERS. Signed-off-by: Leon Hwang <[email protected]> --- include/linux/bpf_verifier.h | 4 +++- kernel/bpf/log.c | 29 ++++++++++++++++++++++++++--- kernel/bpf/syscall.c | 9 ++++++--- 3 files changed, 35 insertions(+), 7 deletions(-) diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index 4c9632c40059..da2d37ca60e7 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -637,9 +637,11 @@ struct bpf_log_attr { u32 log_level; struct bpf_attrs *attrs; u32 offsetof_log_true_size; + struct bpf_attrs *attrs_common; }; -int bpf_prog_load_log_attr_init(struct bpf_log_attr *log_attr, struct bpf_attrs *attrs); +int bpf_prog_load_log_attr_init(struct bpf_log_attr *log_attr, struct bpf_attrs *attrs, + struct bpf_attrs *attrs_common); int bpf_log_attr_finalize(struct bpf_log_attr *log_attr, struct bpf_verifier_log *log); #define BPF_MAX_SUBPROGS 256 diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c index 457b724c4176..eba60a13e244 100644 --- a/kernel/bpf/log.c +++ b/kernel/bpf/log.c @@ -865,23 +865,41 @@ void print_insn_state(struct bpf_verifier_env *env, const struct bpf_verifier_st } static int bpf_log_attr_init(struct bpf_log_attr *log_attr, struct bpf_attrs *attrs, u64 log_buf, - u32 log_size, u32 log_level, int offsetof_log_true_size) + u32 log_size, u32 log_level, int offsetof_log_true_size, + struct bpf_attrs *attrs_common) { + const struct bpf_common_attr *common_attr = attrs_common ? attrs_common->attr : NULL; + memset(log_attr, 0, sizeof(*log_attr)); log_attr->log_buf = log_buf; log_attr->log_size = log_size; log_attr->log_level = log_level; log_attr->attrs = attrs; log_attr->offsetof_log_true_size = offsetof_log_true_size; + log_attr->attrs_common = attrs_common; + + if (log_buf && common_attr && common_attr->log_buf && + (log_buf != common_attr->log_buf || + log_size != common_attr->log_size || + log_level != common_attr->log_level)) + return -EUSERS; + + if (!log_buf && common_attr && common_attr->log_buf) { + log_attr->log_buf = common_attr->log_buf; + log_attr->log_size = common_attr->log_size; + log_attr->log_level = common_attr->log_level; + } + return 0; } -int bpf_prog_load_log_attr_init(struct bpf_log_attr *log_attr, struct bpf_attrs *attrs) +int bpf_prog_load_log_attr_init(struct bpf_log_attr *log_attr, struct bpf_attrs *attrs, + struct bpf_attrs *attrs_common) { const union bpf_attr *attr = attrs->attr; return bpf_log_attr_init(log_attr, attrs, attr->log_buf, attr->log_size, attr->log_level, - offsetof(union bpf_attr, log_true_size)); + offsetof(union bpf_attr, log_true_size), attrs_common); } int bpf_log_attr_finalize(struct bpf_log_attr *log_attr, struct bpf_verifier_log *log) @@ -901,5 +919,10 @@ int bpf_log_attr_finalize(struct bpf_log_attr *log_attr, struct bpf_verifier_log copy_to_bpfptr_offset(log_attr->attrs->uattr, off, &log_true_size, size)) err = -EFAULT; + off = offsetof(struct bpf_common_attr, log_true_size); + if (log_attr->attrs_common && log_attr->attrs_common->size >= off + size && + copy_to_bpfptr_offset(log_attr->attrs_common->uattr, off, &log_true_size, size)) + err = -EFAULT; + return err; } diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 0b389bc6add8..f369b9ec9d60 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -2865,7 +2865,8 @@ static int bpf_prog_mark_insn_arrays_ready(struct bpf_prog *prog) /* last field in 'union bpf_attr' used by this command */ #define BPF_PROG_LOAD_LAST_FIELD keyring_id -static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) +static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size, + struct bpf_attrs *common_attrs) { enum bpf_prog_type type = attr->prog_type; struct bpf_prog *prog, *dst_prog = NULL; @@ -3085,7 +3086,7 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) goto free_prog_sec; bpf_attrs_init(&attrs, attr, uattr, uattr_size); - err = bpf_prog_load_log_attr_init(&log_attr, &attrs); + err = bpf_prog_load_log_attr_init(&log_attr, &attrs, common_attrs); if (err < 0) goto free_used_maps; @@ -6174,6 +6175,7 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, bpfptr_t uattr_common, unsigned int size_common) { struct bpf_common_attr common_attr; + struct bpf_attrs common_attrs; union bpf_attr attr; int err; @@ -6225,7 +6227,8 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, err = map_freeze(&attr); break; case BPF_PROG_LOAD: - err = bpf_prog_load(&attr, uattr, size); + bpf_attrs_init(&common_attrs, &common_attr, uattr_common, size_common); + err = bpf_prog_load(&attr, uattr, size, &common_attrs); break; case BPF_OBJ_PIN: err = bpf_obj_pin(&attr); -- 2.52.0
