| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8ff3384a-24a2-4833-b614-16d2c7227b5e@linux.dev>
Date: Thu, 5 Feb 2026 10:20:44 +0800
From: Leon Hwang <leon.hwang@...ux.dev>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: bpf@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
John Fastabend <john.fastabend@...il.com>,
Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau
<martin.lau@...ux.dev>, Eduard Zingerman <eddyz87@...il.com>,
Song Liu <song@...nel.org>, Yonghong Song <yonghong.song@...ux.dev>,
KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>,
Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
Shuah Khan <shuah@...nel.org>, Christian Brauner <brauner@...nel.org>,
Seth Forshee <sforshee@...nel.org>, Yuichiro Tsuji <yuichtsu@...zon.com>,
Andrey Albershteyn <aalbersh@...hat.com>,
Willem de Bruijn <willemb@...gle.com>, Jason Xing
<kerneljasonxing@...il.com>, Tao Chen <chen.dylane@...ux.dev>,
Mykyta Yatsenko <yatsenko@...a.com>,
Kumar Kartikeya Dwivedi <memxor@...il.com>,
Anton Protopopov <a.s.protopopov@...il.com>, Amery Hung
<ameryhung@...il.com>, Rong Tao <rongtao@...tc.cn>,
linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
linux-kselftest@...r.kernel.org, kernel-patches-bot@...com
Subject: Re: [PATCH bpf-next v9 3/9] bpf: Refactor reporting log_true_size for
prog_load
On 5/2/26 03:48, Andrii Nakryiko wrote:
> On Mon, Feb 2, 2026 at 6:42 AM Leon Hwang <leon.hwang@...ux.dev> wrote:
>>
>> The next commit will add support for reporting logs via extended common
>> attributes, including 'log_true_size'.
>>
>> To prepare for that, refactor the 'log_true_size' reporting logic by
>> introducing a new struct bpf_log_attr to encapsulate log-related behavior:
>>
>> * bpf_prog_load_log_attr_init(): initialize the log fields, which will
>> support extended common attributes in the next commit.
>> * bpf_log_attr_finalize(): handle log finalization and write back
>> 'log_true_size' to userspace.
>>
>> Signed-off-by: Leon Hwang <leon.hwang@...ux.dev>
>> ---
>> include/linux/bpf.h | 4 +++-
>> include/linux/bpf_verifier.h | 10 ++++++++++
>> kernel/bpf/log.c | 35 +++++++++++++++++++++++++++++++++++
>> kernel/bpf/syscall.c | 8 +++++---
>> kernel/bpf/verifier.c | 13 +++----------
>> 5 files changed, 56 insertions(+), 14 deletions(-)
>>
>> diff --git a/include/linux/bpf.h b/include/linux/bpf.h
>> index cd9b96434904..d4dbcc7ad156 100644
>> --- a/include/linux/bpf.h
>> +++ b/include/linux/bpf.h
>> @@ -2913,7 +2913,9 @@ int bpf_check_uarg_tail_zero(bpfptr_t uaddr, size_t expected_size,
>> size_t actual_size);
>>
>> /* verify correctness of eBPF program */
>> -int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size);
>> +struct bpf_log_attr;
>> +int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, bpfptr_t uattr,
>> + struct bpf_log_attr *attr_log);
>>
>> #ifndef CONFIG_BPF_JIT_ALWAYS_ON
>> void bpf_patch_call_args(struct bpf_insn *insn, u32 stack_depth);
>> diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h
>> index 8355b585cd18..c805b85b6f7a 100644
>> --- a/include/linux/bpf_verifier.h
>> +++ b/include/linux/bpf_verifier.h
>> @@ -631,6 +631,16 @@ static inline bool bpf_verifier_log_needed(const struct bpf_verifier_log *log)
>> return log && log->level;
>> }
>>
>> +struct bpf_log_attr {
>> + u32 offsetof_true_size;
>> + u32 uattr_size;
>> + bpfptr_t uattr;
>> +};
>> +
>> +int bpf_prog_load_log_attr_init(struct bpf_log_attr *attr_log, union bpf_attr *attr,
>> + bpfptr_t uattr, u32 size);
>> +int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log *log);
>> +
>> #define BPF_MAX_SUBPROGS 256
>>
>> struct bpf_subprog_arg_info {
>> diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c
>> index a0c3b35de2ce..ff579fcba36f 100644
>> --- a/kernel/bpf/log.c
>> +++ b/kernel/bpf/log.c
>> @@ -863,3 +863,38 @@ void print_insn_state(struct bpf_verifier_env *env, const struct bpf_verifier_st
>> }
>> print_verifier_state(env, vstate, frameno, false);
>> }
>> +
>> +static void bpf_log_attr_init(struct bpf_log_attr *attr_log, int offsetof_true_size, bpfptr_t uattr,
>> + u32 uattr_size)
>> +{
>> + memset(attr_log, 0, sizeof(*attr_log));
>> + attr_log->offsetof_true_size = offsetof_true_size;
>> + attr_log->uattr_size = uattr_size;
>> + attr_log->uattr = uattr;
>> +}
>> +
>> +int bpf_prog_load_log_attr_init(struct bpf_log_attr *attr_log, union bpf_attr *attr,
>> + bpfptr_t uattr, u32 size)
>> +{
>> + bpf_log_attr_init(attr_log, offsetof(union bpf_attr, log_true_size), uattr, size);
>> + return 0;
>> +}
>> +
>> +int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log *log)
>> +{
>> + u32 log_true_size;
>> + size_t size;
>> + int err;
>> +
>> + if (!log)
>> + return 0;
>
> can this ever happen? why guard against this?
>
In patch #7, 'log' can be NULL when users do not provide 'log_buf'.
However, bpf_vlog_finalize() already guards against this case, so I'll
drop this check.
>> +
>> + err = bpf_vlog_finalize(log, &log_true_size);
>> +
>> + size = sizeof(log_true_size);
>> + if (attr->uattr_size >= attr->offsetof_true_size + size &&
>> + copy_to_bpfptr_offset(attr->uattr, attr->offsetof_true_size, &log_true_size, size))
>> + err = -EFAULT;
>
> minor nit: return -EFAULT;
>
Ack.
Thanks,
Leon
Powered by blists - more mailing lists