From: Andrey Ignatov <rdna@fb.com>
To: Christoph Hellwig <hch@lst.de>
Cc: Kees Cook <keescook@chromium.org>,
Iurii Zaikin <yzaikin@google.com>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
<linux-kernel@vger.kernel.org>, <linux-mm@kvack.org>,
<linux-fsdevel@vger.kernel.org>, <netdev@vger.kernel.org>,
<bpf@vger.kernel.org>
Subject: Re: [PATCH 5/5] sysctl: pass kernel pointers to ->proc_handler
Date: Tue, 21 Apr 2020 12:23:30 -0700 [thread overview]
Message-ID: <20200421192330.GA60879@rdna-mbp.dhcp.thefacebook.com> (raw)
In-Reply-To: <20200421171539.288622-6-hch@lst.de>
Christoph Hellwig <hch@lst.de> [Tue, 2020-04-21 10:17 -0700]:
> Instead of having all the sysctl handlers deal with user pointers, which
> is rather hairy in terms of the BPF interaction, copy the input to and
> from userspace in common code. This also means that the strings are
> always NUL-terminated by the common code, making the API a little bit
> safer.
>
> As most handler just pass through the data to one of the common handlers
> a lot of the changes are mechnical.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
...
> @@ -1172,36 +1168,28 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head,
> .new_updated = 0,
> };
> struct cgroup *cgrp;
> + loff_t pos = 0;
> int ret;
>
> ctx.cur_val = kmalloc_track_caller(ctx.cur_len, GFP_KERNEL);
> - if (ctx.cur_val) {
> - mm_segment_t old_fs;
> - loff_t pos = 0;
> -
> - old_fs = get_fs();
> - set_fs(KERNEL_DS);
> - if (table->proc_handler(table, 0, (void __user *)ctx.cur_val,
> - &ctx.cur_len, &pos)) {
> - /* Let BPF program decide how to proceed. */
> - ctx.cur_len = 0;
> - }
> - set_fs(old_fs);
> - } else {
> + if (!ctx.cur_val ||
> + table->proc_handler(table, 0, ctx.cur_val, &ctx.cur_len, &pos)) {
> /* Let BPF program decide how to proceed. */
> ctx.cur_len = 0;
> }
>
> - if (write && buf && *pcount) {
> + if (write && *buf && *pcount) {
> /* BPF program should be able to override new value with a
> * buffer bigger than provided by user.
> */
> ctx.new_val = kmalloc_track_caller(PAGE_SIZE, GFP_KERNEL);
> ctx.new_len = min_t(size_t, PAGE_SIZE, *pcount);
> - if (!ctx.new_val ||
> - copy_from_user(ctx.new_val, buf, ctx.new_len))
> + if (ctx.new_val) {
> + memcpy(ctx.new_val, *buf, ctx.new_len);
> + } else {
> /* Let BPF program decide how to proceed. */
> ctx.new_len = 0;
> + }
> }
>
> rcu_read_lock();
> @@ -1212,7 +1200,7 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head,
> kfree(ctx.cur_val);
>
> if (ret == 1 && ctx.new_updated) {
> - *new_buf = ctx.new_val;
> + *buf = ctx.new_val;
Original value of *buf should be freed before overriding it here
otherwise it's lost/leaked unless I missed something.
Other than this BPF part of this patch looks good to me. Feel free to
add my Ack on the next iteration with this fix.
> *pcount = ctx.new_len;
> } else {
> kfree(ctx.new_val);
--
Andrey Ignatov
next prev parent reply other threads:[~2020-04-21 19:24 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-21 17:15 pass kernel pointers to the sysctl ->proc_handler method v2 Christoph Hellwig
2020-04-21 17:15 ` [PATCH 1/5] bpf-cgroup: remove unused exports Christoph Hellwig
2020-04-22 23:39 ` Andrey Ignatov
2020-04-21 17:15 ` [PATCH 2/5] mm: remove watermark_boost_factor_sysctl_handler Christoph Hellwig
2020-04-21 19:31 ` David Rientjes
2020-04-21 19:31 ` David Rientjes
2020-04-21 17:15 ` [PATCH 3/5] sysctl: remove all extern declaration from sysctl.c Christoph Hellwig
2020-04-22 10:30 ` Vlastimil Babka
2020-04-22 17:24 ` Christoph Hellwig
2020-04-21 17:15 ` [PATCH 4/5] sysctl: avoid forward declarations Christoph Hellwig
2020-04-21 17:15 ` [PATCH 5/5] sysctl: pass kernel pointers to ->proc_handler Christoph Hellwig
2020-04-21 19:16 ` Al Viro
2020-04-22 2:46 ` Al Viro
2020-04-22 6:09 ` Christoph Hellwig
2020-04-21 19:23 ` Andrey Ignatov [this message]
2020-04-22 17:22 ` Christoph Hellwig
2020-04-22 23:40 ` Andrey Ignatov
2020-04-24 6:43 pass kernel pointers to the sysctl ->proc_handler method v3 Christoph Hellwig
2020-04-24 6:43 ` [PATCH 5/5] sysctl: pass kernel pointers to ->proc_handler Christoph Hellwig
2020-04-24 19:06 ` Andrey Ignatov
2020-04-27 5:34 ` Christoph Hellwig
2020-05-04 19:01 ` Kees Cook
2020-05-05 5:57 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200421192330.GA60879@rdna-mbp.dhcp.thefacebook.com \
--to=rdna@fb.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=hch@lst.de \
--cc=keescook@chromium.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=netdev@vger.kernel.org \
--cc=yzaikin@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.