diff options
author | Jiri Olsa <jolsa@kernel.org> | 2021-04-29 13:47:12 +0200 |
---|---|---|
committer | Alexei Starovoitov <ast@kernel.org> | 2021-05-11 14:00:53 -0700 |
commit | 35e3815fa8102fab4dee75f3547472c66581125d (patch) | |
tree | 76d9a26444ea4ab3656bc02825453f79a66a71c4 /include/pcmcia | |
parent | 08389d888287c3823f80b0216766b71e17f0aba5 (diff) | |
download | linux-35e3815fa8102fab4dee75f3547472c66581125d.tar.gz |
bpf: Add deny list of btf ids check for tracing programs
The recursion check in __bpf_prog_enter and __bpf_prog_exit leaves some (not inlined) functions unprotected: In __bpf_prog_enter: - migrate_disable is called before prog->active is checked In __bpf_prog_exit: - migrate_enable,rcu_read_unlock_strict are called after prog->active is decreased When attaching trampoline to them we get panic like: traps: PANIC: double fault, error_code: 0x0 double fault: 0000 [#1] SMP PTI RIP: 0010:__bpf_prog_enter+0x4/0x50 ... Call Trace: <IRQ> bpf_trampoline_6442466513_0+0x18/0x1000 migrate_disable+0x5/0x50 __bpf_prog_enter+0x9/0x50 bpf_trampoline_6442466513_0+0x18/0x1000 migrate_disable+0x5/0x50 __bpf_prog_enter+0x9/0x50 bpf_trampoline_6442466513_0+0x18/0x1000 migrate_disable+0x5/0x50 __bpf_prog_enter+0x9/0x50 bpf_trampoline_6442466513_0+0x18/0x1000 migrate_disable+0x5/0x50 ... Fixing this by adding deny list of btf ids for tracing programs and checking btf id during program verification. Adding above functions to this list. Suggested-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Jiri Olsa <jolsa@kernel.org> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20210429114712.43783-1-jolsa@kernel.org
Diffstat (limited to 'include/pcmcia')
0 files changed, 0 insertions, 0 deletions