| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250415130910.2326537-1-devaanshk840@gmail.com>
Date: Tue, 15 Apr 2025 18:39:07 +0530
From: Devaansh Kumar <devaanshk840@...il.com>
To: gregkh@...uxfoundation.org,
sashal@...nel.org,
stable@...r.kernel.org,
ast@...nel.org,
daniel@...earbox.net
Cc: Devaansh Kumar <devaanshk840@...il.com>,
bpf@...r.kernel.org,
linux-kernel@...r.kernel.org,
skhan@...uxfoundation.org,
linux-kernel-mentees@...ts.linuxfoundation.org,
Kumar Kartikeya Dwivedi <memxor@...il.com>,
Andrii Nakryiko <andrii@...nel.org>
Subject: [PATCH] bpf: Remove tracing program restriction on map types
[ Upstream commit 96da3f7d489d11b43e7c1af90d876b9a2492cca8 ]
The hash map is now fully converted to bpf_mem_alloc. Its implementation is not
allocating synchronously and not calling call_rcu() directly. It's now safe to
use non-preallocated hash maps in all types of tracing programs including
BPF_PROG_TYPE_PERF_EVENT that runs out of NMI context.
Signed-off-by: Alexei Starovoitov <ast@...nel.org>
Signed-off-by: Daniel Borkmann <daniel@...earbox.net>
Acked-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
Acked-by: Andrii Nakryiko <andrii@...nel.org>
Link: https://lore.kernel.org/bpf/20220902211058.60789-13-alexei.starovoitov@gmail.com
Signed-off-by: Devaansh Kumar <devaanshk840@...il.com>
---
kernel/bpf/verifier.c | 29 -----------------------------
1 file changed, 29 deletions(-)
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 7049a85a78ab..77a75ccaae5e 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -11700,35 +11700,6 @@ static int check_map_prog_compatibility(struct bpf_verifier_env *env,
{
enum bpf_prog_type prog_type = resolve_prog_type(prog);
- /*
- * Validate that trace type programs use preallocated hash maps.
- *
- * For programs attached to PERF events this is mandatory as the
- * perf NMI can hit any arbitrary code sequence.
- *
- * All other trace types using preallocated hash maps are unsafe as
- * well because tracepoint or kprobes can be inside locked regions
- * of the memory allocator or at a place where a recursion into the
- * memory allocator would see inconsistent state.
- *
- * On RT enabled kernels run-time allocation of all trace type
- * programs is strictly prohibited due to lock type constraints. On
- * !RT kernels it is allowed for backwards compatibility reasons for
- * now, but warnings are emitted so developers are made aware of
- * the unsafety and can fix their programs before this is enforced.
- */
- if (is_tracing_prog_type(prog_type) && !is_preallocated_map(map)) {
- if (prog_type == BPF_PROG_TYPE_PERF_EVENT) {
- verbose(env, "perf_event programs can only use preallocated hash map\n");
- return -EINVAL;
- }
- if (IS_ENABLED(CONFIG_PREEMPT_RT)) {
- verbose(env, "trace type programs can only use preallocated hash map\n");
- return -EINVAL;
- }
- WARN_ONCE(1, "trace type BPF program uses run-time allocation\n");
- verbose(env, "trace type programs with run-time allocated hash maps are unsafe. Switch to preallocated hash maps.\n");
- }
if (map_value_has_spin_lock(map)) {
if (prog_type == BPF_PROG_TYPE_SOCKET_FILTER) {
--
2.49.0
Powered by blists - more mailing lists