From: Christian Brauner <christian.brauner@ubuntu.com>
To: christian.brauner@ubuntu.com
Cc: ast@kernel.org, bpf@vger.kernel.org, daniel@iogearbox.net,
kafai@fb.com, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, songliubraving@fb.com, yhs@fb.com,
Aleksa Sarai <cyphar@cyphar.com>
Subject: [PATCH v2 1/3] bpf: use check_zeroed_user() in bpf_check_uarg_tail_zero()
Date: Wed, 16 Oct 2019 02:41:36 +0200 [thread overview]
Message-ID: <20191016004138.24845-2-christian.brauner@ubuntu.com> (raw)
In-Reply-To: <20191016004138.24845-1-christian.brauner@ubuntu.com>
In v5.4-rc2 we added a new helper (cf. [1]) check_zeroed_user() which
does what bpf_check_uarg_tail_zero() is doing generically. We're slowly
switching such codepaths over to use check_zeroed_user() instead of
using their own hand-rolled version.
[1]: f5a1a536fa14 ("lib: introduce copy_struct_from_user() helper")
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: bpf@vger.kernel.org
Acked-by: Aleksa Sarai <cyphar@cyphar.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v1 */
Link: https://lore.kernel.org/r/20191009160907.10981-2-christian.brauner@ubuntu.com
/* v2 */
- Alexei Starovoitov <ast@kernel.org>:
- Add a comment in bpf_check_uarg_tail_zero() to clarify that
copy_struct_from_user() should be used whenever possible instead.
---
kernel/bpf/syscall.c | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 82eabd4e38ad..b289ae747cae 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -58,35 +58,31 @@ static const struct bpf_map_ops * const bpf_map_types[] = {
* There is a ToCToU between this function call and the following
* copy_from_user() call. However, this is not a concern since this function is
* meant to be a future-proofing of bits.
+ *
+ * Note, instead of using bpf_check_uarg_tail_zero() followed by
+ * copy_from_user() use the dedicated copy_struct_from_user() helper which
+ * performs both tasks whenever possible.
*/
int bpf_check_uarg_tail_zero(void __user *uaddr,
size_t expected_size,
size_t actual_size)
{
- unsigned char __user *addr;
- unsigned char __user *end;
- unsigned char val;
+ size_t size = min(expected_size, actual_size);
+ size_t rest = max(expected_size, actual_size) - size;
int err;
if (unlikely(actual_size > PAGE_SIZE)) /* silly large */
return -E2BIG;
- if (unlikely(!access_ok(uaddr, actual_size)))
- return -EFAULT;
-
if (actual_size <= expected_size)
return 0;
- addr = uaddr + expected_size;
- end = uaddr + actual_size;
+ err = check_zeroed_user(uaddr + expected_size, rest);
+ if (err < 0)
+ return err;
- for (; addr < end; addr++) {
- err = get_user(val, addr);
- if (err)
- return err;
- if (val)
- return -E2BIG;
- }
+ if (err)
+ return -E2BIG;
return 0;
}
--
2.23.0
next prev parent reply other threads:[~2019-10-16 0:41 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-09 16:09 [PATCH 0/3] bpf: switch to new usercopy helpers Christian Brauner
2019-10-09 16:09 ` [PATCH 1/3] bpf: use check_zeroed_user() in bpf_check_uarg_tail_zero() Christian Brauner
2019-10-10 10:50 ` Aleksa Sarai
2019-10-09 16:09 ` [PATCH 2/3] bpf: use copy_struct_from_user() in bpf_prog_get_info_by_fd() Christian Brauner
2019-10-10 10:51 ` Aleksa Sarai
2019-10-09 16:09 ` [PATCH 3/3] bpf: use copy_struct_from_user() in bpf() syscall Christian Brauner
2019-10-10 10:51 ` Aleksa Sarai
2019-10-09 23:06 ` [PATCH 0/3] bpf: switch to new usercopy helpers Alexei Starovoitov
2019-10-10 9:26 ` Christian Brauner
2019-10-15 22:45 ` Alexei Starovoitov
2019-10-15 22:55 ` Christian Brauner
2019-10-15 23:02 ` Alexei Starovoitov
2019-10-15 23:08 ` Christian Brauner
2019-10-16 0:41 ` [PATCH v2 " Christian Brauner
2019-10-16 0:41 ` Christian Brauner [this message]
2019-10-16 0:41 ` [PATCH v2 2/3] bpf: use copy_struct_from_user() in bpf_prog_get_info_by_fd() Christian Brauner
2019-10-16 0:41 ` [PATCH v2 3/3] bpf: use copy_struct_from_user() in bpf() syscall Christian Brauner
2019-10-16 0:48 ` [PATCH v2 0/3] bpf: switch to new usercopy helpers Christian Brauner
2019-10-16 2:14 ` Alexei Starovoitov
2019-10-16 3:31 ` Christian Brauner
2019-10-16 3:44 ` [PATCH v3 " Christian Brauner
2019-10-16 3:44 ` [PATCH v3 1/3] bpf: use check_zeroed_user() in bpf_check_uarg_tail_zero() Christian Brauner
2019-10-16 5:23 ` Alexei Starovoitov
2019-10-16 3:44 ` [PATCH v3 2/3] bpf: use copy_struct_from_user() in bpf_prog_get_info_by_fd() Christian Brauner
2019-10-16 5:25 ` Alexei Starovoitov
2019-10-16 7:30 ` [PATCH v3 2/3] bpf: use copy_struct_from_user() in bpf_prog_get_info_by_fd()y Christian Brauner
2019-10-16 7:43 ` [PATCH v3 2/3] bpf: use copy_struct_from_user() in bpf_prog_get_info_by_fd() Christian Brauner
2019-10-16 3:44 ` [PATCH v3 3/3] bpf: use copy_struct_from_user() in bpf() syscall Christian Brauner
2019-10-16 11:18 ` [PATCH bpf-next v4 0/3] bpf: switch to new usercopy helpers Christian Brauner
2019-10-16 11:18 ` [PATCH bpf-next v4 1/3] bpf: use check_zeroed_user() in bpf_check_uarg_tail_zero() Christian Brauner
2019-10-16 11:18 ` [PATCH bpf-next v4 2/3] bpf: use copy_struct_from_user() in bpf_prog_get_info_by_fd() Christian Brauner
2019-10-16 11:18 ` [PATCH bpf-next v4 3/3] bpf: use copy_struct_from_user() in bpf() syscall Christian Brauner
2019-10-16 18:31 ` [PATCH bpf-next v4 0/3] bpf: switch to new usercopy helpers Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191016004138.24845-2-christian.brauner@ubuntu.com \
--to=christian.brauner@ubuntu.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=cyphar@cyphar.com \
--cc=daniel@iogearbox.net \
--cc=kafai@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=songliubraving@fb.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.