On Wed, Feb 11, 2026 at 7:13 AM Leon Hwang <[email protected]> wrote: > > The next commit will add support for reporting logs via extended common > attributes, including 'log_true_size'. > > To prepare for that, refactor the 'log_true_size' reporting logic by > introducing a new struct bpf_log_attr to encapsulate log-related behavior: > > * bpf_log_attr_init(): initialize log fields, which will support > extended common attributes in the next commit. > * bpf_log_attr_finalize(): handle log finalization and write back > 'log_true_size' to userspace. > > Signed-off-by: Leon Hwang <[email protected]> > --- > include/linux/bpf.h | 4 +++- > include/linux/bpf_verifier.h | 11 +++++++++++ > kernel/bpf/log.c | 25 +++++++++++++++++++++++++ > kernel/bpf/syscall.c | 13 ++++++++++--- > kernel/bpf/verifier.c | 17 ++++------------- > 5 files changed, 53 insertions(+), 17 deletions(-) > > diff --git a/include/linux/bpf.h b/include/linux/bpf.h > index cd9b96434904..d4dbcc7ad156 100644 > --- a/include/linux/bpf.h > +++ b/include/linux/bpf.h > @@ -2913,7 +2913,9 @@ int bpf_check_uarg_tail_zero(bpfptr_t uaddr, size_t > expected_size, > size_t actual_size); > > /* verify correctness of eBPF program */ > -int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, bpfptr_t uattr, > u32 uattr_size); > +struct bpf_log_attr; > +int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, bpfptr_t uattr, > + struct bpf_log_attr *attr_log); > > #ifndef CONFIG_BPF_JIT_ALWAYS_ON > void bpf_patch_call_args(struct bpf_insn *insn, u32 stack_depth); > diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h > index ef8e45a362d9..dbd9bdb955b3 100644 > --- a/include/linux/bpf_verifier.h > +++ b/include/linux/bpf_verifier.h > @@ -635,6 +635,17 @@ static inline bool bpf_verifier_log_needed(const struct > bpf_verifier_log *log) > return log && log->level; > } > > +struct bpf_log_attr { > + char __user *log_buf; > + u32 log_size; > + u32 log_level; > + u32 __user *log_true_size; > +}; > + > +int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, > u32 log_level, > + u32 __user *log_true_size); > +int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log > *log); > + > #define BPF_MAX_SUBPROGS 256 > > struct bpf_subprog_arg_info { > diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c > index a0c3b35de2ce..e31747b84fe2 100644 > --- a/kernel/bpf/log.c > +++ b/kernel/bpf/log.c > @@ -863,3 +863,28 @@ void print_insn_state(struct bpf_verifier_env *env, > const struct bpf_verifier_st > } > print_verifier_state(env, vstate, frameno, false); > } > + > +int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, > u32 log_level, > + u32 __user *log_true_size) > +{ > + memset(log, 0, sizeof(*log)); > + log->log_buf = u64_to_user_ptr(log_buf); > + log->log_size = log_size; > + log->log_level = log_level; > + log->log_true_size = log_true_size; > + return 0; > +} > + > +int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log > *log) > +{ > + u32 log_true_size; > + int err; > + > + err = bpf_vlog_finalize(log, &log_true_size); > + > + if (attr->log_true_size && copy_to_user(attr->log_true_size, > &log_true_size, > + sizeof(log_true_size))) > + return -EFAULT; > + > + return err; > +} > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c > index 0e231c0b1d04..e86674811996 100644 > --- a/kernel/bpf/syscall.c > +++ b/kernel/bpf/syscall.c > @@ -2867,7 +2867,7 @@ static int bpf_prog_mark_insn_arrays_ready(struct > bpf_prog *prog) > /* last field in 'union bpf_attr' used by this command */ > #define BPF_PROG_LOAD_LAST_FIELD keyring_id > > -static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 > uattr_size) > +static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, struct > bpf_log_attr *attr_log) > { > enum bpf_prog_type type = attr->prog_type; > struct bpf_prog *prog, *dst_prog = NULL; > @@ -3085,7 +3085,7 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t > uattr, u32 uattr_size) > goto free_prog_sec; > > /* run eBPF verifier */ > - err = bpf_check(&prog, attr, uattr, uattr_size); > + err = bpf_check(&prog, attr, uattr, attr_log); > if (err < 0) > goto free_used_maps; > > @@ -6189,7 +6189,10 @@ static int prog_assoc_struct_ops(union bpf_attr *attr) > static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, > bpfptr_t uattr_common, unsigned int size_common) > { > + bool from_user = !bpfptr_is_kernel(uattr); > struct bpf_common_attr attr_common; > + u32 __user *log_true_size = NULL; > + struct bpf_log_attr attr_log; > union bpf_attr attr; > int err; > > @@ -6241,7 +6244,11 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, > unsigned int size, > err = map_freeze(&attr); > break; > case BPF_PROG_LOAD: > - err = bpf_prog_load(&attr, uattr, size); > + if (from_user && size >= offsetofend(union bpf_attr, > log_true_size)) > + log_true_size = uattr.user + offsetof(union bpf_attr, > log_true_size);
So you added 'from_user' gating because you replaced copy_to_bpfptr_offset() with copy_to_user()? This is a drastic change in behavior and you don't even talk about it in the commit log. You said "refactor". This is not a refactoring! This is v10. The common_attr feature is useful, but you really need to think harder about what your patches are doing. pw-bot: cr
