tree: https://git.kernel.org/pub/scm/linux/kernel/git/acme/linux.git tmp.bpf/sign head: 8557905cdcfad6d1bb100cc12e2a4f6bcc6b3e1a commit: a8c35674f209361e4b9fb3e2c8c3a93d29bf1d9b [2/3] bpf: Add support for checking BPF program signatures config: x86_64-randconfig-a012-20201008 (attached as .config) compiler: clang version 12.0.0 (https://github.com/llvm/llvm-project 4d1d8ae7100ec3c7e1709addb7b3ec6f9ad0b44f) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install x86_64 cross compiling tool for clang build # apt-get install binutils-x86-64-linux-gnu # https://git.kernel.org/pub/scm/linux/kernel/git/acme/linux.git/commit/?id=a8c35674f209361e4b9fb3e2c8c3a93d29bf1d9b git remote add perf https://git.kernel.org/pub/scm/linux/kernel/git/acme/linux.git git fetch --no-tags perf tmp.bpf/sign git checkout a8c35674f209361e4b9fb3e2c8c3a93d29bf1d9b # save the attached .config to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot All errors (new ones prefixed by >>): >> kernel/bpf/syscall.c:2253:29: error: too many arguments to function call, expected single argument 'attr', have 2 arguments err = bpf_sig_check(prog, attr); ~~~~~~~~~~~~~ ^~~~ kernel/bpf/syscall.c:2156:12: note: 'bpf_sig_check' declared here static int bpf_sig_check(union bpf_attr *attr) ^ 1 error generated. vim +/attr +2253 kernel/bpf/syscall.c 2164 2165 static int bpf_prog_load(union bpf_attr *attr, union bpf_attr __user *uattr) 2166 { 2167 enum bpf_prog_type type = attr->prog_type; 2168 struct bpf_prog *prog; 2169 int err; 2170 char license[128]; 2171 bool is_gpl; 2172 2173 if (CHECK_ATTR(BPF_PROG_LOAD)) 2174 return -EINVAL; 2175 2176 if (attr->prog_flags & ~(BPF_F_STRICT_ALIGNMENT | 2177 BPF_F_ANY_ALIGNMENT | 2178 BPF_F_TEST_STATE_FREQ | 2179 BPF_F_SLEEPABLE | 2180 BPF_F_TEST_RND_HI32)) 2181 return -EINVAL; 2182 2183 if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && 2184 (attr->prog_flags & BPF_F_ANY_ALIGNMENT) && 2185 !bpf_capable()) 2186 return -EPERM; 2187 2188 /* copy eBPF program license from user space */ 2189 if (strncpy_from_user(license, u64_to_user_ptr(attr->license), 2190 sizeof(license) - 1) < 0) 2191 return -EFAULT; 2192 license[sizeof(license) - 1] = 0; 2193 2194 /* eBPF programs must be GPL compatible to use GPL-ed functions */ 2195 is_gpl = license_is_gpl_compatible(license); 2196 2197 if (attr->insn_cnt == 0 || 2198 attr->insn_cnt > (bpf_capable() ? BPF_COMPLEXITY_LIMIT_INSNS : BPF_MAXINSNS)) 2199 return -E2BIG; 2200 if (type != BPF_PROG_TYPE_SOCKET_FILTER && 2201 type != BPF_PROG_TYPE_CGROUP_SKB && 2202 !bpf_capable()) 2203 return -EPERM; 2204 2205 if (is_net_admin_prog_type(type) && !capable(CAP_NET_ADMIN) && !capable(CAP_SYS_ADMIN)) 2206 return -EPERM; 2207 if (is_perfmon_prog_type(type) && !perfmon_capable()) 2208 return -EPERM; 2209 2210 bpf_prog_load_fixup_attach_type(attr); 2211 if (bpf_prog_load_check_attach(type, attr->expected_attach_type, 2212 attr->attach_btf_id, 2213 attr->attach_prog_fd)) 2214 return -EINVAL; 2215 2216 /* plain bpf_prog allocation */ 2217 prog = bpf_prog_alloc(bpf_prog_size(attr->insn_cnt), GFP_USER); 2218 if (!prog) 2219 return -ENOMEM; 2220 2221 prog->expected_attach_type = attr->expected_attach_type; 2222 prog->aux->attach_btf_id = attr->attach_btf_id; 2223 if (attr->attach_prog_fd) { 2224 struct bpf_prog *dst_prog; 2225 2226 dst_prog = bpf_prog_get(attr->attach_prog_fd); 2227 if (IS_ERR(dst_prog)) { 2228 err = PTR_ERR(dst_prog); 2229 goto free_prog_nouncharge; 2230 } 2231 prog->aux->dst_prog = dst_prog; 2232 } 2233 2234 prog->aux->offload_requested = !!attr->prog_ifindex; 2235 prog->aux->sleepable = attr->prog_flags & BPF_F_SLEEPABLE; 2236 2237 err = security_bpf_prog_alloc(prog->aux); 2238 if (err) 2239 goto free_prog_nouncharge; 2240 2241 err = bpf_prog_charge_memlock(prog); 2242 if (err) 2243 goto free_prog_sec; 2244 2245 prog->len = attr->insn_cnt; 2246 2247 err = -EFAULT; 2248 if (copy_from_user(prog->insns, u64_to_user_ptr(attr->insns), 2249 bpf_prog_insn_size(prog)) != 0) 2250 goto free_prog; 2251 2252 if (attr->prog_sig_len > 0) { > 2253 err = bpf_sig_check(prog, attr); 2254 if (err) 2255 goto free_prog; 2256 } 2257 2258 prog->orig_prog = NULL; 2259 prog->jited = 0; 2260 2261 atomic64_set(&prog->aux->refcnt, 1); 2262 prog->gpl_compatible = is_gpl ? 1 : 0; 2263 2264 if (bpf_prog_is_dev_bound(prog->aux)) { 2265 err = bpf_prog_offload_init(prog, attr); 2266 if (err) 2267 goto free_prog; 2268 } 2269 2270 /* find program type: socket_filter vs tracing_filter */ 2271 err = find_prog_type(type, prog); 2272 if (err < 0) 2273 goto free_prog; 2274 2275 prog->aux->load_time = ktime_get_boottime_ns(); 2276 err = bpf_obj_name_cpy(prog->aux->name, attr->prog_name, 2277 sizeof(attr->prog_name)); 2278 if (err < 0) 2279 goto free_prog; 2280 2281 /* run eBPF verifier */ 2282 err = bpf_check(&prog, attr, uattr); 2283 if (err < 0) 2284 goto free_used_maps; 2285 2286 prog = bpf_prog_select_runtime(prog, &err); 2287 if (err < 0) 2288 goto free_used_maps; 2289 2290 err = bpf_prog_alloc_id(prog); 2291 if (err) 2292 goto free_used_maps; 2293 2294 /* Upon success of bpf_prog_alloc_id(), the BPF prog is 2295 * effectively publicly exposed. However, retrieving via 2296 * bpf_prog_get_fd_by_id() will take another reference, 2297 * therefore it cannot be gone underneath us. 2298 * 2299 * Only for the time /after/ successful bpf_prog_new_fd() 2300 * and before returning to userspace, we might just hold 2301 * one reference and any parallel close on that fd could 2302 * rip everything out. Hence, below notifications must 2303 * happen before bpf_prog_new_fd(). 2304 * 2305 * Also, any failure handling from this point onwards must 2306 * be using bpf_prog_put() given the program is exposed. 2307 */ 2308 bpf_prog_kallsyms_add(prog); 2309 perf_event_bpf_event(prog, PERF_BPF_EVENT_PROG_LOAD, 0); 2310 bpf_audit_prog(prog, BPF_AUDIT_LOAD); 2311 2312 err = bpf_prog_new_fd(prog); 2313 if (err < 0) 2314 bpf_prog_put(prog); 2315 return err; 2316 2317 free_used_maps: 2318 /* In case we have subprogs, we need to wait for a grace 2319 * period before we can tear down JIT memory since symbols 2320 * are already exposed under kallsyms. 2321 */ 2322 __bpf_prog_put_noref(prog, prog->aux->func_cnt); 2323 return err; 2324 free_prog: 2325 bpf_prog_uncharge_memlock(prog); 2326 free_prog_sec: 2327 security_bpf_prog_free(prog->aux); 2328 free_prog_nouncharge: 2329 bpf_prog_free(prog); 2330 return err; 2331 } 2332 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org