BPF_PROG_LOAD can now take log parameters from both union bpf_attr and struct bpf_common_attr. The merge rules are:
- if both sides provide a complete log tuple (buf/size/level) and they match, use it; - if only one side provides log parameters, use that one; - if both sides provide complete tuples but they differ, return -EINVAL. Signed-off-by: Leon Hwang <[email protected]> --- include/linux/bpf_verifier.h | 3 ++- kernel/bpf/log.c | 31 ++++++++++++++++++++++++++++++- kernel/bpf/syscall.c | 2 +- 3 files changed, 33 insertions(+), 3 deletions(-) diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index dbd9bdb955b3..34f28d40022a 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -643,7 +643,8 @@ struct bpf_log_attr { }; int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, u32 log_level, - u32 __user *log_true_size); + u32 __user *log_true_size, struct bpf_common_attr *common, bpfptr_t uattr, + u32 size); int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log *log); #define BPF_MAX_SUBPROGS 256 diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c index e31747b84fe2..a2b41bf5e9cb 100644 --- a/kernel/bpf/log.c +++ b/kernel/bpf/log.c @@ -864,14 +864,43 @@ void print_insn_state(struct bpf_verifier_env *env, const struct bpf_verifier_st print_verifier_state(env, vstate, frameno, false); } +static bool bpf_log_attrs_set(u64 log_buf, u32 log_size, u32 log_level) +{ + return log_buf && log_size && log_level; +} + +static bool bpf_log_attrs_diff(struct bpf_common_attr *common, u64 log_buf, u32 log_size, + u32 log_level) +{ + return bpf_log_attrs_set(log_buf, log_size, log_level) && + bpf_log_attrs_set(common->log_buf, common->log_size, common->log_level) && + (log_buf != common->log_buf || log_size != common->log_size || + log_level != common->log_level); +} + int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, u32 log_level, - u32 __user *log_true_size) + u32 __user *log_true_size, struct bpf_common_attr *common, bpfptr_t uattr, + u32 size) { + if (bpf_log_attrs_diff(common, log_buf, log_size, log_level)) + return -EINVAL; + memset(log, 0, sizeof(*log)); log->log_buf = u64_to_user_ptr(log_buf); log->log_size = log_size; log->log_level = log_level; log->log_true_size = log_true_size; + + if (!log_buf && common->log_buf) { + log->log_buf = u64_to_user_ptr(common->log_buf); + log->log_size = common->log_size; + log->log_level = common->log_level; + if (size >= offsetofend(struct bpf_common_attr, log_true_size)) + log->log_true_size = uattr.user + + offsetof(struct bpf_common_attr, log_true_size); + else + log->log_true_size = NULL; + } return 0; } diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index e86674811996..17116603ff51 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -6247,7 +6247,7 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, if (from_user && size >= offsetofend(union bpf_attr, log_true_size)) log_true_size = uattr.user + offsetof(union bpf_attr, log_true_size); err = bpf_log_attr_init(&attr_log, attr.log_buf, attr.log_size, attr.log_level, - log_true_size); + log_true_size, &attr_common, uattr_common, size_common); err = err ?: bpf_prog_load(&attr, uattr, &attr_log); break; case BPF_OBJ_PIN: -- 2.52.0
