From: Martin Lau <kafai@fb.com>
To: Andrii Nakryiko <andriin@fb.com>
Cc: "bpf@vger.kernel.org" <bpf@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
Alexei Starovoitov <ast@fb.com>,
"daniel@iogearbox.net" <daniel@iogearbox.net>,
"andrii.nakryiko@gmail.com" <andrii.nakryiko@gmail.com>,
Kernel Team <Kernel-team@fb.com>
Subject: Re: [Potential Spoof] [PATCH bpf-next] libbpf: poison kernel-only integer types
Date: Fri, 10 Jan 2020 18:29:39 +0000 [thread overview]
Message-ID: <20200110182935.5qpo45dnzcrboqu5@kafai-mbp.dhcp.thefacebook.com> (raw)
In-Reply-To: <20200110181916.271446-1-andriin@fb.com>
On Fri, Jan 10, 2020 at 10:19:16AM -0800, Andrii Nakryiko wrote:
> It's been a recurring issue with types like u32 slipping into libbpf source
> code accidentally. This is not detected during builds inside kernel source
> tree, but becomes a compilation error in libbpf's Github repo. Libbpf is
> supposed to use only __{s,u}{8,16,32,64} typedefs, so poison {s,u}{8,16,32,64}
> explicitly in every .c file. Doing that in a bit more centralized way, e.g.,
> inside libbpf_internal.h breaks selftests, which are both using kernel u32 and
> libbpf_internal.h.
>
> This patch also fixes a new u32 occurence in libbpf.c, added recently.
>
> Fixes: 590a00888250 ("bpf: libbpf: Add STRUCT_OPS support")
> Signed-off-by: Andrii Nakryiko <andriin@fb.com>
> ---
> tools/lib/bpf/bpf.c | 3 +++
> tools/lib/bpf/bpf_prog_linfo.c | 3 +++
> tools/lib/bpf/btf.c | 3 +++
> tools/lib/bpf/btf_dump.c | 3 +++
> tools/lib/bpf/hashmap.c | 3 +++
> tools/lib/bpf/libbpf.c | 5 ++++-
> tools/lib/bpf/libbpf_errno.c | 3 +++
> tools/lib/bpf/libbpf_probes.c | 3 +++
> tools/lib/bpf/netlink.c | 3 +++
> tools/lib/bpf/nlattr.c | 3 +++
> tools/lib/bpf/str_error.c | 3 +++
> tools/lib/bpf/xsk.c | 3 +++
> 12 files changed, 37 insertions(+), 1 deletion(-)
>
> diff --git a/tools/lib/bpf/bpf.c b/tools/lib/bpf/bpf.c
> index b0ecbe9ef2d4..500afe478e94 100644
> --- a/tools/lib/bpf/bpf.c
> +++ b/tools/lib/bpf/bpf.c
> @@ -32,6 +32,9 @@
> #include "libbpf.h"
> #include "libbpf_internal.h"
>
> +/* make sure libbpf doesn't use kernel-only integer typedefs */
> +#pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> +
> /*
> * When building perf, unistd.h is overridden. __NR_bpf is
> * required to be defined explicitly.
> diff --git a/tools/lib/bpf/bpf_prog_linfo.c b/tools/lib/bpf/bpf_prog_linfo.c
> index 3ed1a27b5f7c..bafca49cb1e6 100644
> --- a/tools/lib/bpf/bpf_prog_linfo.c
> +++ b/tools/lib/bpf/bpf_prog_linfo.c
> @@ -8,6 +8,9 @@
> #include "libbpf.h"
> #include "libbpf_internal.h"
>
> +/* make sure libbpf doesn't use kernel-only integer typedefs */
> +#pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> +
> struct bpf_prog_linfo {
> void *raw_linfo;
> void *raw_jited_linfo;
> diff --git a/tools/lib/bpf/btf.c b/tools/lib/bpf/btf.c
> index 5f04f56e1eb6..cfeb6a44480b 100644
> --- a/tools/lib/bpf/btf.c
> +++ b/tools/lib/bpf/btf.c
> @@ -17,6 +17,9 @@
> #include "libbpf_internal.h"
> #include "hashmap.h"
>
> +/* make sure libbpf doesn't use kernel-only integer typedefs */
> +#pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> +
> #define BTF_MAX_NR_TYPES 0x7fffffff
> #define BTF_MAX_STR_OFFSET 0x7fffffff
>
> diff --git a/tools/lib/bpf/btf_dump.c b/tools/lib/bpf/btf_dump.c
> index e95f7710f210..885acebd4396 100644
> --- a/tools/lib/bpf/btf_dump.c
> +++ b/tools/lib/bpf/btf_dump.c
> @@ -18,6 +18,9 @@
> #include "libbpf.h"
> #include "libbpf_internal.h"
>
> +/* make sure libbpf doesn't use kernel-only integer typedefs */
> +#pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> +
> static const char PREFIXES[] = "\t\t\t\t\t\t\t\t\t\t\t\t\t";
> static const size_t PREFIX_CNT = sizeof(PREFIXES) - 1;
>
> diff --git a/tools/lib/bpf/hashmap.c b/tools/lib/bpf/hashmap.c
> index 6122272943e6..54c30c802070 100644
> --- a/tools/lib/bpf/hashmap.c
> +++ b/tools/lib/bpf/hashmap.c
> @@ -12,6 +12,9 @@
> #include <linux/err.h>
> #include "hashmap.h"
>
> +/* make sure libbpf doesn't use kernel-only integer typedefs */
> +#pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> +
> /* start with 4 buckets */
> #define HASHMAP_MIN_CAP_BITS 2
>
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index 3afd780b0f06..0c229f00a67e 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -55,6 +55,9 @@
> #include "libbpf_internal.h"
> #include "hashmap.h"
>
> +/* make sure libbpf doesn't use kernel-only integer typedefs */
> +#pragma GCC poison u8 u16 u32 u64 s8 s16 s32 s64
> +
> #ifndef EM_BPF
> #define EM_BPF 247
> #endif
> @@ -6475,7 +6478,7 @@ static int bpf_object__collect_struct_ops_map_reloc(struct bpf_object *obj,
> Elf_Data *symbols;
> unsigned int moff;
> const char *name;
> - u32 member_idx;
> + __u32 member_idx;
Acked-by: Martin KaFai Lau <kafai@fb.com>
next prev parent reply other threads:[~2020-01-10 18:29 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-10 18:19 [PATCH bpf-next] libbpf: poison kernel-only integer types Andrii Nakryiko
2020-01-10 18:29 ` Martin Lau [this message]
2020-01-10 18:39 ` Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200110182935.5qpo45dnzcrboqu5@kafai-mbp.dhcp.thefacebook.com \
--to=kafai@fb.com \
--cc=Kernel-team@fb.com \
--cc=andrii.nakryiko@gmail.com \
--cc=andriin@fb.com \
--cc=ast@fb.com \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).