All of lore.kernel.org
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org
Subject: Re: [PATCH bpf-next v9 05/11] bpf: support attaching freplace programs to multiple attach points
Date: Tue, 29 Sep 2020 10:07:20 +0300	[thread overview]
Message-ID: <20200929070720.GV4282@kadam> (raw)
In-Reply-To: <160106910487.27725.11983967672504271627.stgit@toke.dk>

[-- Attachment #1: Type: text/plain, Size: 21364 bytes --]

Hi Toke,

url:    https://github.com/0day-ci/linux/commits/Toke-H-iland-J-rgensen/bpf-Support-multi-attach-for-freplace-programs/20200926-052738
base:   https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master
config: x86_64-randconfig-m001-20200925 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>

smatch warnings:
kernel/bpf/verifier.c:11378 bpf_check_attach_target() error: we previously assumed 'dst_prog' could be null (see line 11250)

vim +/dst_prog +11378 kernel/bpf/verifier.c

f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11215  int bpf_check_attach_target(struct bpf_verifier_log *log,
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11216  			    const struct bpf_prog *prog,
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11217  			    const struct bpf_prog *dst_prog,
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11218  			    u32 btf_id,
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11219  			    struct bpf_attach_target_info *tgt_info)
38207291604401 Martin KaFai Lau       2019-10-24  11220  {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11221  	bool prog_extension = prog->type == BPF_PROG_TYPE_EXT;
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11222  	const char prefix[] = "btf_trace_";
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11223  	int ret = 0, subprog = -1, i;
38207291604401 Martin KaFai Lau       2019-10-24  11224  	const struct btf_type *t;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11225  	bool conservative = true;
38207291604401 Martin KaFai Lau       2019-10-24  11226  	const char *tname;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11227  	struct btf *btf;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11228  	long addr = 0;
38207291604401 Martin KaFai Lau       2019-10-24  11229  
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11230  	if (!btf_id) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11231  		bpf_log(log, "Tracing programs must provide btf_id\n");
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11232  		return -EINVAL;
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11233  	}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11234  	btf = dst_prog ? dst_prog->aux->btf : btf_vmlinux;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11235  	if (!btf) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11236  		bpf_log(log,
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11237  			"FENTRY/FEXIT program can only be attached to another program annotated with BTF\n");
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11238  		return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11239  	}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11240  	t = btf_type_by_id(btf, btf_id);
38207291604401 Martin KaFai Lau       2019-10-24  11241  	if (!t) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11242  		bpf_log(log, "attach_btf_id %u is invalid\n", btf_id);
38207291604401 Martin KaFai Lau       2019-10-24  11243  		return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11244  	}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11245  	tname = btf_name_by_offset(btf, t->name_off);
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11246  	if (!tname) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11247  		bpf_log(log, "attach_btf_id %u doesn't have a name\n", btf_id);
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11248  		return -EINVAL;
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11249  	}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25 @11250  	if (dst_prog) {

Check for NULL.

0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11251  		struct bpf_prog_aux *aux = dst_prog->aux;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11252  
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11253  		for (i = 0; i < aux->func_info_cnt; i++)
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11254  			if (aux->func_info[i].type_id == btf_id) {
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11255  				subprog = i;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11256  				break;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11257  			}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11258  		if (subprog == -1) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11259  			bpf_log(log, "Subprog %s doesn't exist\n", tname);
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11260  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11261  		}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11262  		conservative = aux->func_info_aux[subprog].unreliable;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11263  		if (prog_extension) {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11264  			if (conservative) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11265  				bpf_log(log,
be8704ff07d237 Alexei Starovoitov     2020-01-20  11266  					"Cannot replace static functions\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11267  				return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11268  			}
be8704ff07d237 Alexei Starovoitov     2020-01-20  11269  			if (!prog->jit_requested) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11270  				bpf_log(log,
be8704ff07d237 Alexei Starovoitov     2020-01-20  11271  					"Extension programs should be JITed\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11272  				return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11273  			}
be8704ff07d237 Alexei Starovoitov     2020-01-20  11274  		}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11275  		if (!dst_prog->jited) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11276  			bpf_log(log, "Can attach to only JITed progs\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11277  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11278  		}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11279  		if (dst_prog->type == prog->type) {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11280  			/* Cannot fentry/fexit another fentry/fexit program.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11281  			 * Cannot attach program extension to another extension.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11282  			 * It's ok to attach fentry/fexit to extension program.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11283  			 */
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11284  			bpf_log(log, "Cannot recursively attach\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11285  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11286  		}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11287  		if (dst_prog->type == BPF_PROG_TYPE_TRACING &&
be8704ff07d237 Alexei Starovoitov     2020-01-20  11288  		    prog_extension &&
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11289  		    (dst_prog->expected_attach_type == BPF_TRACE_FENTRY ||
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11290  		     dst_prog->expected_attach_type == BPF_TRACE_FEXIT)) {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11291  			/* Program extensions can extend all program types
be8704ff07d237 Alexei Starovoitov     2020-01-20  11292  			 * except fentry/fexit. The reason is the following.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11293  			 * The fentry/fexit programs are used for performance
be8704ff07d237 Alexei Starovoitov     2020-01-20  11294  			 * analysis, stats and can be attached to any program
be8704ff07d237 Alexei Starovoitov     2020-01-20  11295  			 * type except themselves. When extension program is
be8704ff07d237 Alexei Starovoitov     2020-01-20  11296  			 * replacing XDP function it is necessary to allow
be8704ff07d237 Alexei Starovoitov     2020-01-20  11297  			 * performance analysis of all functions. Both original
be8704ff07d237 Alexei Starovoitov     2020-01-20  11298  			 * XDP program and its program extension. Hence
be8704ff07d237 Alexei Starovoitov     2020-01-20  11299  			 * attaching fentry/fexit to BPF_PROG_TYPE_EXT is
be8704ff07d237 Alexei Starovoitov     2020-01-20  11300  			 * allowed. If extending of fentry/fexit was allowed it
be8704ff07d237 Alexei Starovoitov     2020-01-20  11301  			 * would be possible to create long call chain
be8704ff07d237 Alexei Starovoitov     2020-01-20  11302  			 * fentry->extension->fentry->extension beyond
be8704ff07d237 Alexei Starovoitov     2020-01-20  11303  			 * reasonable stack size. Hence extending fentry is not
be8704ff07d237 Alexei Starovoitov     2020-01-20  11304  			 * allowed.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11305  			 */
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11306  			bpf_log(log, "Cannot extend fentry/fexit\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11307  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11308  		}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11309  	} else {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11310  		if (prog_extension) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11311  			bpf_log(log, "Cannot replace kernel functions\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11312  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11313  		}

>From here we know that "dst_prog" can only be NULL when "prog_extension"
is NULL.

5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11314  	}
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11315  
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11316  	switch (prog->expected_attach_type) {
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11317  	case BPF_TRACE_RAW_TP:
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11318  		if (dst_prog) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11319  			bpf_log(log,
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11320  				"Only FENTRY/FEXIT progs are attachable to another BPF prog\n");
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11321  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11322  		}
38207291604401 Martin KaFai Lau       2019-10-24  11323  		if (!btf_type_is_typedef(t)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11324  			bpf_log(log, "attach_btf_id %u is not a typedef\n",
38207291604401 Martin KaFai Lau       2019-10-24  11325  				btf_id);
38207291604401 Martin KaFai Lau       2019-10-24  11326  			return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11327  		}
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11328  		if (strncmp(prefix, tname, sizeof(prefix) - 1)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11329  			bpf_log(log, "attach_btf_id %u points to wrong type name %s\n",
38207291604401 Martin KaFai Lau       2019-10-24  11330  				btf_id, tname);
38207291604401 Martin KaFai Lau       2019-10-24  11331  			return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11332  		}
38207291604401 Martin KaFai Lau       2019-10-24  11333  		tname += sizeof(prefix) - 1;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11334  		t = btf_type_by_id(btf, t->type);
38207291604401 Martin KaFai Lau       2019-10-24  11335  		if (!btf_type_is_ptr(t))
38207291604401 Martin KaFai Lau       2019-10-24  11336  			/* should never happen in valid vmlinux build */
38207291604401 Martin KaFai Lau       2019-10-24  11337  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11338  		t = btf_type_by_id(btf, t->type);
38207291604401 Martin KaFai Lau       2019-10-24  11339  		if (!btf_type_is_func_proto(t))
38207291604401 Martin KaFai Lau       2019-10-24  11340  			/* should never happen in valid vmlinux build */
38207291604401 Martin KaFai Lau       2019-10-24  11341  			return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11342  
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11343  		break;
15d83c4d7cef5c Yonghong Song          2020-05-09  11344  	case BPF_TRACE_ITER:
15d83c4d7cef5c Yonghong Song          2020-05-09  11345  		if (!btf_type_is_func(t)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11346  			bpf_log(log, "attach_btf_id %u is not a function\n",
15d83c4d7cef5c Yonghong Song          2020-05-09  11347  				btf_id);
15d83c4d7cef5c Yonghong Song          2020-05-09  11348  			return -EINVAL;
15d83c4d7cef5c Yonghong Song          2020-05-09  11349  		}
15d83c4d7cef5c Yonghong Song          2020-05-09  11350  		t = btf_type_by_id(btf, t->type);
15d83c4d7cef5c Yonghong Song          2020-05-09  11351  		if (!btf_type_is_func_proto(t))
15d83c4d7cef5c Yonghong Song          2020-05-09  11352  			return -EINVAL;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11353  		ret = btf_distill_func_proto(log, btf, t, tname, &tgt_info->fmodel);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11354  		if (ret)
15d83c4d7cef5c Yonghong Song          2020-05-09  11355  			return ret;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11356  		break;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11357  	default:
be8704ff07d237 Alexei Starovoitov     2020-01-20  11358  		if (!prog_extension)
be8704ff07d237 Alexei Starovoitov     2020-01-20  11359  			return -EINVAL;
df561f6688fef7 Gustavo A. R. Silva    2020-08-23  11360  		fallthrough;
ae24082331d9bb KP Singh               2020-03-04  11361  	case BPF_MODIFY_RETURN:
9e4e01dfd3254c KP Singh               2020-03-29  11362  	case BPF_LSM_MAC:
fec56f5890d93f Alexei Starovoitov     2019-11-14  11363  	case BPF_TRACE_FENTRY:
fec56f5890d93f Alexei Starovoitov     2019-11-14  11364  	case BPF_TRACE_FEXIT:
fec56f5890d93f Alexei Starovoitov     2019-11-14  11365  		if (!btf_type_is_func(t)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11366  			bpf_log(log, "attach_btf_id %u is not a function\n",
fec56f5890d93f Alexei Starovoitov     2019-11-14  11367  				btf_id);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11368  			return -EINVAL;
fec56f5890d93f Alexei Starovoitov     2019-11-14  11369  		}
be8704ff07d237 Alexei Starovoitov     2020-01-20  11370  		if (prog_extension &&
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11371  		    btf_check_type_match(log, prog, btf, t))

If "prog_extension" can be NULL or non-NULL.

be8704ff07d237 Alexei Starovoitov     2020-01-20  11372  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11373  		t = btf_type_by_id(btf, t->type);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11374  		if (!btf_type_is_func_proto(t))
fec56f5890d93f Alexei Starovoitov     2019-11-14  11375  			return -EINVAL;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11376  
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11377  		if ((prog->aux->saved_dst_prog_type &&
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25 @11378  		     prog->aux->saved_dst_prog_type != dst_prog->type) ||
                                                                                                               ^^^^^^^^^^^^^^
Unchecked dereference.

7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11379  		    (prog->aux->saved_dst_attach_type &&
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11380  		     prog->aux->saved_dst_attach_type != dst_prog->expected_attach_type))
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11381  			return -EINVAL;
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11382  
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11383  		if (dst_prog && conservative)
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11384  			t = NULL;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11385  
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11386  		ret = btf_distill_func_proto(log, btf, t, tname, &tgt_info->fmodel);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11387  		if (ret < 0)
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11388  			return ret;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11389  
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11390  		if (dst_prog) {
e9eeec58c992c4 Yonghong Song          2019-12-04  11391  			if (subprog == 0)
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11392  				addr = (long) dst_prog->bpf_func;
e9eeec58c992c4 Yonghong Song          2019-12-04  11393  			else
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11394  				addr = (long) dst_prog->aux->func[subprog]->bpf_func;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11395  		} else {
fec56f5890d93f Alexei Starovoitov     2019-11-14  11396  			addr = kallsyms_lookup_name(tname);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11397  			if (!addr) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11398  				bpf_log(log,
fec56f5890d93f Alexei Starovoitov     2019-11-14  11399  					"The address of function %s cannot be found\n",
fec56f5890d93f Alexei Starovoitov     2019-11-14  11400  					tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11401  				return -ENOENT;
fec56f5890d93f Alexei Starovoitov     2019-11-14  11402  			}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11403  		}
18644cec714aab Alexei Starovoitov     2020-05-28  11404  
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11405  		if (prog->aux->sleepable) {
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11406  			ret = -EINVAL;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11407  			switch (prog->type) {
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11408  			case BPF_PROG_TYPE_TRACING:
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11409  				/* fentry/fexit/fmod_ret progs can be sleepable only if they are
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11410  				 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11411  				 */
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11412  				if (!check_non_sleepable_error_inject(btf_id) &&
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11413  				    within_error_injection_list(addr))
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11414  					ret = 0;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11415  				break;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11416  			case BPF_PROG_TYPE_LSM:
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11417  				/* LSM progs check that they are attached to bpf_lsm_*() funcs.
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11418  				 * Only some of them are sleepable.
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11419  				 */
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11420  				if (check_sleepable_lsm_hook(btf_id))
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11421  					ret = 0;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11422  				break;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11423  			default:
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11424  				break;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11425  			}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11426  			if (ret) {
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11427  				bpf_log(log, "%s is not sleepable\n", tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11428  				return ret;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11429  			}
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11430  		} else if (prog->expected_attach_type == BPF_MODIFY_RETURN) {
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11431  			if (dst_prog) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11432  				bpf_log(log, "can't modify return codes of BPF programs\n");
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11433  				return -EINVAL;
81a09cc12e4a91 Toke Høiland-Jørgensen 2020-09-25  11434  			}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11435  			ret = check_attach_modify_return(addr, tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11436  			if (ret) {
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11437  				bpf_log(log, "%s() is not modifiable\n", tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11438  				return ret;
18644cec714aab Alexei Starovoitov     2020-05-28  11439  			}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11440  		}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11441  
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11442  		break;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11443  	}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11444  	tgt_info->tgt_addr = addr;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11445  	tgt_info->tgt_name = tname;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11446  	tgt_info->tgt_type = t;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11447  	return 0;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11448  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org

[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 30894 bytes --]

WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH bpf-next v9 05/11] bpf: support attaching freplace programs to multiple attach points
Date: Tue, 29 Sep 2020 10:07:20 +0300	[thread overview]
Message-ID: <20200929070720.GV4282@kadam> (raw)
In-Reply-To: <160106910487.27725.11983967672504271627.stgit@toke.dk>

[-- Attachment #1: Type: text/plain, Size: 21364 bytes --]

Hi Toke,

url:    https://github.com/0day-ci/linux/commits/Toke-H-iland-J-rgensen/bpf-Support-multi-attach-for-freplace-programs/20200926-052738
base:   https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master
config: x86_64-randconfig-m001-20200925 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>

smatch warnings:
kernel/bpf/verifier.c:11378 bpf_check_attach_target() error: we previously assumed 'dst_prog' could be null (see line 11250)

vim +/dst_prog +11378 kernel/bpf/verifier.c

f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11215  int bpf_check_attach_target(struct bpf_verifier_log *log,
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11216  			    const struct bpf_prog *prog,
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11217  			    const struct bpf_prog *dst_prog,
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11218  			    u32 btf_id,
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11219  			    struct bpf_attach_target_info *tgt_info)
38207291604401 Martin KaFai Lau       2019-10-24  11220  {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11221  	bool prog_extension = prog->type == BPF_PROG_TYPE_EXT;
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11222  	const char prefix[] = "btf_trace_";
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11223  	int ret = 0, subprog = -1, i;
38207291604401 Martin KaFai Lau       2019-10-24  11224  	const struct btf_type *t;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11225  	bool conservative = true;
38207291604401 Martin KaFai Lau       2019-10-24  11226  	const char *tname;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11227  	struct btf *btf;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11228  	long addr = 0;
38207291604401 Martin KaFai Lau       2019-10-24  11229  
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11230  	if (!btf_id) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11231  		bpf_log(log, "Tracing programs must provide btf_id\n");
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11232  		return -EINVAL;
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11233  	}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11234  	btf = dst_prog ? dst_prog->aux->btf : btf_vmlinux;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11235  	if (!btf) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11236  		bpf_log(log,
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11237  			"FENTRY/FEXIT program can only be attached to another program annotated with BTF\n");
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11238  		return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11239  	}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11240  	t = btf_type_by_id(btf, btf_id);
38207291604401 Martin KaFai Lau       2019-10-24  11241  	if (!t) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11242  		bpf_log(log, "attach_btf_id %u is invalid\n", btf_id);
38207291604401 Martin KaFai Lau       2019-10-24  11243  		return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11244  	}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11245  	tname = btf_name_by_offset(btf, t->name_off);
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11246  	if (!tname) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11247  		bpf_log(log, "attach_btf_id %u doesn't have a name\n", btf_id);
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11248  		return -EINVAL;
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11249  	}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25 @11250  	if (dst_prog) {

Check for NULL.

0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11251  		struct bpf_prog_aux *aux = dst_prog->aux;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11252  
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11253  		for (i = 0; i < aux->func_info_cnt; i++)
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11254  			if (aux->func_info[i].type_id == btf_id) {
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11255  				subprog = i;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11256  				break;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11257  			}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11258  		if (subprog == -1) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11259  			bpf_log(log, "Subprog %s doesn't exist\n", tname);
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11260  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11261  		}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11262  		conservative = aux->func_info_aux[subprog].unreliable;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11263  		if (prog_extension) {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11264  			if (conservative) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11265  				bpf_log(log,
be8704ff07d237 Alexei Starovoitov     2020-01-20  11266  					"Cannot replace static functions\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11267  				return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11268  			}
be8704ff07d237 Alexei Starovoitov     2020-01-20  11269  			if (!prog->jit_requested) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11270  				bpf_log(log,
be8704ff07d237 Alexei Starovoitov     2020-01-20  11271  					"Extension programs should be JITed\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11272  				return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11273  			}
be8704ff07d237 Alexei Starovoitov     2020-01-20  11274  		}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11275  		if (!dst_prog->jited) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11276  			bpf_log(log, "Can attach to only JITed progs\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11277  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11278  		}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11279  		if (dst_prog->type == prog->type) {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11280  			/* Cannot fentry/fexit another fentry/fexit program.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11281  			 * Cannot attach program extension to another extension.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11282  			 * It's ok to attach fentry/fexit to extension program.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11283  			 */
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11284  			bpf_log(log, "Cannot recursively attach\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11285  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11286  		}
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11287  		if (dst_prog->type == BPF_PROG_TYPE_TRACING &&
be8704ff07d237 Alexei Starovoitov     2020-01-20  11288  		    prog_extension &&
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11289  		    (dst_prog->expected_attach_type == BPF_TRACE_FENTRY ||
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11290  		     dst_prog->expected_attach_type == BPF_TRACE_FEXIT)) {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11291  			/* Program extensions can extend all program types
be8704ff07d237 Alexei Starovoitov     2020-01-20  11292  			 * except fentry/fexit. The reason is the following.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11293  			 * The fentry/fexit programs are used for performance
be8704ff07d237 Alexei Starovoitov     2020-01-20  11294  			 * analysis, stats and can be attached to any program
be8704ff07d237 Alexei Starovoitov     2020-01-20  11295  			 * type except themselves. When extension program is
be8704ff07d237 Alexei Starovoitov     2020-01-20  11296  			 * replacing XDP function it is necessary to allow
be8704ff07d237 Alexei Starovoitov     2020-01-20  11297  			 * performance analysis of all functions. Both original
be8704ff07d237 Alexei Starovoitov     2020-01-20  11298  			 * XDP program and its program extension. Hence
be8704ff07d237 Alexei Starovoitov     2020-01-20  11299  			 * attaching fentry/fexit to BPF_PROG_TYPE_EXT is
be8704ff07d237 Alexei Starovoitov     2020-01-20  11300  			 * allowed. If extending of fentry/fexit was allowed it
be8704ff07d237 Alexei Starovoitov     2020-01-20  11301  			 * would be possible to create long call chain
be8704ff07d237 Alexei Starovoitov     2020-01-20  11302  			 * fentry->extension->fentry->extension beyond
be8704ff07d237 Alexei Starovoitov     2020-01-20  11303  			 * reasonable stack size. Hence extending fentry is not
be8704ff07d237 Alexei Starovoitov     2020-01-20  11304  			 * allowed.
be8704ff07d237 Alexei Starovoitov     2020-01-20  11305  			 */
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11306  			bpf_log(log, "Cannot extend fentry/fexit\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11307  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11308  		}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11309  	} else {
be8704ff07d237 Alexei Starovoitov     2020-01-20  11310  		if (prog_extension) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11311  			bpf_log(log, "Cannot replace kernel functions\n");
be8704ff07d237 Alexei Starovoitov     2020-01-20  11312  			return -EINVAL;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11313  		}

>From here we know that "dst_prog" can only be NULL when "prog_extension"
is NULL.

5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11314  	}
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11315  
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11316  	switch (prog->expected_attach_type) {
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11317  	case BPF_TRACE_RAW_TP:
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11318  		if (dst_prog) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11319  			bpf_log(log,
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11320  				"Only FENTRY/FEXIT progs are attachable to another BPF prog\n");
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11321  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11322  		}
38207291604401 Martin KaFai Lau       2019-10-24  11323  		if (!btf_type_is_typedef(t)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11324  			bpf_log(log, "attach_btf_id %u is not a typedef\n",
38207291604401 Martin KaFai Lau       2019-10-24  11325  				btf_id);
38207291604401 Martin KaFai Lau       2019-10-24  11326  			return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11327  		}
f1b9509c2fb0ef Alexei Starovoitov     2019-10-30  11328  		if (strncmp(prefix, tname, sizeof(prefix) - 1)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11329  			bpf_log(log, "attach_btf_id %u points to wrong type name %s\n",
38207291604401 Martin KaFai Lau       2019-10-24  11330  				btf_id, tname);
38207291604401 Martin KaFai Lau       2019-10-24  11331  			return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11332  		}
38207291604401 Martin KaFai Lau       2019-10-24  11333  		tname += sizeof(prefix) - 1;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11334  		t = btf_type_by_id(btf, t->type);
38207291604401 Martin KaFai Lau       2019-10-24  11335  		if (!btf_type_is_ptr(t))
38207291604401 Martin KaFai Lau       2019-10-24  11336  			/* should never happen in valid vmlinux build */
38207291604401 Martin KaFai Lau       2019-10-24  11337  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11338  		t = btf_type_by_id(btf, t->type);
38207291604401 Martin KaFai Lau       2019-10-24  11339  		if (!btf_type_is_func_proto(t))
38207291604401 Martin KaFai Lau       2019-10-24  11340  			/* should never happen in valid vmlinux build */
38207291604401 Martin KaFai Lau       2019-10-24  11341  			return -EINVAL;
38207291604401 Martin KaFai Lau       2019-10-24  11342  
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11343  		break;
15d83c4d7cef5c Yonghong Song          2020-05-09  11344  	case BPF_TRACE_ITER:
15d83c4d7cef5c Yonghong Song          2020-05-09  11345  		if (!btf_type_is_func(t)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11346  			bpf_log(log, "attach_btf_id %u is not a function\n",
15d83c4d7cef5c Yonghong Song          2020-05-09  11347  				btf_id);
15d83c4d7cef5c Yonghong Song          2020-05-09  11348  			return -EINVAL;
15d83c4d7cef5c Yonghong Song          2020-05-09  11349  		}
15d83c4d7cef5c Yonghong Song          2020-05-09  11350  		t = btf_type_by_id(btf, t->type);
15d83c4d7cef5c Yonghong Song          2020-05-09  11351  		if (!btf_type_is_func_proto(t))
15d83c4d7cef5c Yonghong Song          2020-05-09  11352  			return -EINVAL;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11353  		ret = btf_distill_func_proto(log, btf, t, tname, &tgt_info->fmodel);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11354  		if (ret)
15d83c4d7cef5c Yonghong Song          2020-05-09  11355  			return ret;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11356  		break;
be8704ff07d237 Alexei Starovoitov     2020-01-20  11357  	default:
be8704ff07d237 Alexei Starovoitov     2020-01-20  11358  		if (!prog_extension)
be8704ff07d237 Alexei Starovoitov     2020-01-20  11359  			return -EINVAL;
df561f6688fef7 Gustavo A. R. Silva    2020-08-23  11360  		fallthrough;
ae24082331d9bb KP Singh               2020-03-04  11361  	case BPF_MODIFY_RETURN:
9e4e01dfd3254c KP Singh               2020-03-29  11362  	case BPF_LSM_MAC:
fec56f5890d93f Alexei Starovoitov     2019-11-14  11363  	case BPF_TRACE_FENTRY:
fec56f5890d93f Alexei Starovoitov     2019-11-14  11364  	case BPF_TRACE_FEXIT:
fec56f5890d93f Alexei Starovoitov     2019-11-14  11365  		if (!btf_type_is_func(t)) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11366  			bpf_log(log, "attach_btf_id %u is not a function\n",
fec56f5890d93f Alexei Starovoitov     2019-11-14  11367  				btf_id);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11368  			return -EINVAL;
fec56f5890d93f Alexei Starovoitov     2019-11-14  11369  		}
be8704ff07d237 Alexei Starovoitov     2020-01-20  11370  		if (prog_extension &&
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11371  		    btf_check_type_match(log, prog, btf, t))

If "prog_extension" can be NULL or non-NULL.

be8704ff07d237 Alexei Starovoitov     2020-01-20  11372  			return -EINVAL;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11373  		t = btf_type_by_id(btf, t->type);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11374  		if (!btf_type_is_func_proto(t))
fec56f5890d93f Alexei Starovoitov     2019-11-14  11375  			return -EINVAL;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11376  
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11377  		if ((prog->aux->saved_dst_prog_type &&
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25 @11378  		     prog->aux->saved_dst_prog_type != dst_prog->type) ||
                                                                                                               ^^^^^^^^^^^^^^
Unchecked dereference.

7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11379  		    (prog->aux->saved_dst_attach_type &&
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11380  		     prog->aux->saved_dst_attach_type != dst_prog->expected_attach_type))
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11381  			return -EINVAL;
7c9bfdeec82c49 Toke Høiland-Jørgensen 2020-09-25  11382  
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11383  		if (dst_prog && conservative)
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11384  			t = NULL;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11385  
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11386  		ret = btf_distill_func_proto(log, btf, t, tname, &tgt_info->fmodel);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11387  		if (ret < 0)
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11388  			return ret;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11389  
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11390  		if (dst_prog) {
e9eeec58c992c4 Yonghong Song          2019-12-04  11391  			if (subprog == 0)
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11392  				addr = (long) dst_prog->bpf_func;
e9eeec58c992c4 Yonghong Song          2019-12-04  11393  			else
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11394  				addr = (long) dst_prog->aux->func[subprog]->bpf_func;
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11395  		} else {
fec56f5890d93f Alexei Starovoitov     2019-11-14  11396  			addr = kallsyms_lookup_name(tname);
fec56f5890d93f Alexei Starovoitov     2019-11-14  11397  			if (!addr) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11398  				bpf_log(log,
fec56f5890d93f Alexei Starovoitov     2019-11-14  11399  					"The address of function %s cannot be found\n",
fec56f5890d93f Alexei Starovoitov     2019-11-14  11400  					tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11401  				return -ENOENT;
fec56f5890d93f Alexei Starovoitov     2019-11-14  11402  			}
5b92a28aae4dd0 Alexei Starovoitov     2019-11-14  11403  		}
18644cec714aab Alexei Starovoitov     2020-05-28  11404  
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11405  		if (prog->aux->sleepable) {
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11406  			ret = -EINVAL;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11407  			switch (prog->type) {
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11408  			case BPF_PROG_TYPE_TRACING:
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11409  				/* fentry/fexit/fmod_ret progs can be sleepable only if they are
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11410  				 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11411  				 */
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11412  				if (!check_non_sleepable_error_inject(btf_id) &&
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11413  				    within_error_injection_list(addr))
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11414  					ret = 0;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11415  				break;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11416  			case BPF_PROG_TYPE_LSM:
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11417  				/* LSM progs check that they are attached to bpf_lsm_*() funcs.
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11418  				 * Only some of them are sleepable.
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11419  				 */
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11420  				if (check_sleepable_lsm_hook(btf_id))
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11421  					ret = 0;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11422  				break;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11423  			default:
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11424  				break;
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11425  			}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11426  			if (ret) {
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11427  				bpf_log(log, "%s is not sleepable\n", tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11428  				return ret;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11429  			}
1e6c62a8821557 Alexei Starovoitov     2020-08-27  11430  		} else if (prog->expected_attach_type == BPF_MODIFY_RETURN) {
0f8a745b60efb2 Toke Høiland-Jørgensen 2020-09-25  11431  			if (dst_prog) {
afd82d19795ce2 Toke Høiland-Jørgensen 2020-09-25  11432  				bpf_log(log, "can't modify return codes of BPF programs\n");
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11433  				return -EINVAL;
81a09cc12e4a91 Toke Høiland-Jørgensen 2020-09-25  11434  			}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11435  			ret = check_attach_modify_return(addr, tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11436  			if (ret) {
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11437  				bpf_log(log, "%s() is not modifiable\n", tname);
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11438  				return ret;
18644cec714aab Alexei Starovoitov     2020-05-28  11439  			}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11440  		}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11441  
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11442  		break;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11443  	}
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11444  	tgt_info->tgt_addr = addr;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11445  	tgt_info->tgt_name = tname;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11446  	tgt_info->tgt_type = t;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11447  	return 0;
f96b5387a45625 Toke Høiland-Jørgensen 2020-09-25  11448  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org

[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 30894 bytes --]

  reply	other threads:[~2020-09-29  7:07 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-25 21:24 [PATCH bpf-next v9 00/11] bpf: Support multi-attach for freplace programs Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 01/11] bpf: disallow attaching modify_return tracing functions to other BPF programs Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 02/11] bpf: change logging calls from verbose() to bpf_log() and use log pointer Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 03/11] bpf: verifier: refactor check_attach_btf_id() Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 04/11] bpf: move prog->aux->linked_prog and trampoline into bpf_link on attach Toke Høiland-Jørgensen
2020-09-29  0:05   ` Alexei Starovoitov
2020-09-29 10:47     ` Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 05/11] bpf: support attaching freplace programs to multiple attach points Toke Høiland-Jørgensen
2020-09-29  7:07   ` Dan Carpenter [this message]
2020-09-29  7:07     ` Dan Carpenter
2020-09-25 21:25 ` [PATCH bpf-next v9 06/11] bpf: Fix context type resolving for extension programs Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 07/11] libbpf: add support for freplace attachment in bpf_link_create Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 08/11] selftests: add test for multiple attachments of freplace program Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 09/11] selftests/bpf: Adding test for arg dereference in extension trace Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 10/11] selftests: Add selftest for disallowing modify_return attachment to freplace Toke Høiland-Jørgensen
2020-09-25 21:25 ` [PATCH bpf-next v9 11/11] selftests: Remove fmod_ret from test_overhead Toke Høiland-Jørgensen
2020-09-29  0:22   ` Alexei Starovoitov
2020-09-26  2:59 [PATCH bpf-next v9 05/11] bpf: support attaching freplace programs to multiple attach points kernel test robot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200929070720.GV4282@kadam \
    --to=dan.carpenter@oracle.com \
    --cc=kbuild@lists.01.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.