mirror of
https://gitee.com/bianbu-linux/linux-6.6
synced 2025-04-24 14:07:52 -04:00
6fcd486b3a
bpf_rcu_read_lock/unlock() are only available in clang compiled kernels. Lack of such key mechanism makes it impossible for sleepable bpf programs to use RCU pointers. Allow bpf_rcu_read_lock/unlock() in GCC compiled kernels (though GCC doesn't support btf_type_tag yet) and allowlist certain field dereferences in important data structures like tast_struct, cgroup, socket that are used by sleepable programs either as RCU pointer or full trusted pointer (which is valid outside of RCU CS). Use BTF_TYPE_SAFE_RCU and BTF_TYPE_SAFE_TRUSTED macros for such tagging. They will be removed once GCC supports btf_type_tag. With that refactor check_ptr_to_btf_access(). Make it strict in enforcing PTR_TRUSTED and PTR_UNTRUSTED while deprecating old PTR_TO_BTF_ID without modifier flags. There is a chance that this strict enforcement might break existing programs (especially on GCC compiled kernels), but this cleanup has to start sooner than later. Note PTR_TO_CTX access still yields old deprecated PTR_TO_BTF_ID. Once it's converted to strict PTR_TRUSTED or PTR_UNTRUSTED the kfuncs and helpers will be able to default to KF_TRUSTED_ARGS. KF_RCU will remain as a weaker version of KF_TRUSTED_ARGS where obj refcnt could be 0. Adjust rcu_read_lock selftest to run on gcc and clang compiled kernels. Signed-off-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: David Vernet <void@manifault.com> Link: https://lore.kernel.org/bpf/20230303041446.3630-7-alexei.starovoitov@gmail.com
33 lines
901 B
C
33 lines
901 B
C
// SPDX-License-Identifier: GPL-2.0
|
|
/* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
|
|
|
|
#include <vmlinux.h>
|
|
#include <bpf/bpf_tracing.h>
|
|
#include <bpf/bpf_helpers.h>
|
|
#include "bpf_misc.h"
|
|
|
|
#include "nested_trust_common.h"
|
|
|
|
char _license[] SEC("license") = "GPL";
|
|
|
|
/* Prototype for all of the program trace events below:
|
|
*
|
|
* TRACE_EVENT(task_newtask,
|
|
* TP_PROTO(struct task_struct *p, u64 clone_flags)
|
|
*/
|
|
|
|
SEC("tp_btf/task_newtask")
|
|
__failure __msg("R2 must be")
|
|
int BPF_PROG(test_invalid_nested_user_cpus, struct task_struct *task, u64 clone_flags)
|
|
{
|
|
bpf_cpumask_test_cpu(0, task->user_cpus_ptr);
|
|
return 0;
|
|
}
|
|
|
|
SEC("tp_btf/task_newtask")
|
|
__failure __msg("R1 must have zero offset when passed to release func or trusted arg to kfunc")
|
|
int BPF_PROG(test_invalid_nested_offset, struct task_struct *task, u64 clone_flags)
|
|
{
|
|
bpf_cpumask_first_zero(&task->cpus_mask);
|
|
return 0;
|
|
}
|