| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Jan 2023 13:25:14 -0600
From: David Vernet <void@...ifault.com>
To: bpf@...r.kernel.org
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
martin.lau@...ux.dev, song@...nel.org, yhs@...a.com,
john.fastabend@...il.com, kpsingh@...nel.org, sdf@...gle.com,
haoluo@...gle.com, jolsa@...nel.org, linux-kernel@...r.kernel.org,
kernel-team@...a.com, tj@...nel.org, memxor@...il.com
Subject: [PATCH bpf-next v2 0/9] Enable cpumasks to be used as kptrs
This is part 2 of https://lore.kernel.org/all/20230119235833.2948341-1-void@manifault.com/
Changelog:
----------
v1 -> v2:
- Put back 'static' keyword in bpf_find_btf_id()
(kernel test robot <lkp@...el.com>)
- Surround cpumask kfuncs in __diag() blocks to avoid no-prototype build
warnings (kernel test robot <lkp@...el.com>)
- Enable ___init suffixes to a type definition to signal that a type is
a nocast alias of another type. That is, that when passed to a kfunc
that expects one of the two types, the verifier will reject the other
even if they're equivalent according to the C standard (Kumar and
Alexei)
- Reject NULL for all trusted args, not just PTR_TO_MEM (Kumar)
- Reject both NULL and PTR_MAYBE_NULL for all trusted args (Kumar and
Alexei )
- Improve examples given in cpumask documentation (Alexei)
- Use __success macro for nested_trust test (Alexei)
- Fix comment typo in struct bpf_cpumask comment header.
- Fix another example in the bpf_cpumask doc examples.
- Add documentation for ___init suffix change mentioned above.
David Vernet (9):
bpf: Enable annotating trusted nested pointers
bpf: Allow trusted args to walk struct when checking BTF IDs
bpf: Disallow NULLable pointers for trusted kfuncs
bpf: Enable cpumasks to be queried and used as kptrs
selftests/bpf: Add nested trust selftests suite
selftests/bpf: Add selftest suite for cpumask kfuncs
bpf/docs: Document cpumask kfuncs in a new file
bpf/docs: Document how nested trusted fields may be defined
bpf/docs: Document the nocast aliasing behavior of ___init
Documentation/bpf/cpumasks.rst | 396 +++++++++++++++
Documentation/bpf/index.rst | 1 +
Documentation/bpf/kfuncs.rst | 76 ++-
include/linux/bpf.h | 8 +
kernel/bpf/Makefile | 1 +
kernel/bpf/btf.c | 122 +++++
kernel/bpf/cpumask.c | 477 ++++++++++++++++++
kernel/bpf/verifier.c | 67 ++-
tools/testing/selftests/bpf/DENYLIST.s390x | 2 +
.../selftests/bpf/prog_tests/cgrp_kfunc.c | 4 +-
.../selftests/bpf/prog_tests/cpumask.c | 74 +++
.../selftests/bpf/prog_tests/nested_trust.c | 12 +
.../selftests/bpf/prog_tests/task_kfunc.c | 4 +-
.../selftests/bpf/progs/cpumask_common.h | 114 +++++
.../selftests/bpf/progs/cpumask_failure.c | 125 +++++
.../selftests/bpf/progs/cpumask_success.c | 426 ++++++++++++++++
.../selftests/bpf/progs/nested_trust_common.h | 12 +
.../bpf/progs/nested_trust_failure.c | 33 ++
.../bpf/progs/nested_trust_success.c | 31 ++
19 files changed, 1976 insertions(+), 9 deletions(-)
create mode 100644 Documentation/bpf/cpumasks.rst
create mode 100644 kernel/bpf/cpumask.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/cpumask.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/nested_trust.c
create mode 100644 tools/testing/selftests/bpf/progs/cpumask_common.h
create mode 100644 tools/testing/selftests/bpf/progs/cpumask_failure.c
create mode 100644 tools/testing/selftests/bpf/progs/cpumask_success.c
create mode 100644 tools/testing/selftests/bpf/progs/nested_trust_common.h
create mode 100644 tools/testing/selftests/bpf/progs/nested_trust_failure.c
create mode 100644 tools/testing/selftests/bpf/progs/nested_trust_success.c
--
2.39.0
Powered by blists - more mailing lists