| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20211210130230.4128676-2-memxor@gmail.com>
Date: Fri, 10 Dec 2021 18:32:22 +0530
From: Kumar Kartikeya Dwivedi <memxor@...il.com>
To: bpf@...r.kernel.org
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
Maxim Mikityanskiy <maximmi@...dia.com>,
Florian Westphal <fw@...len.de>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Toke Høiland-Jørgensen <toke@...hat.com>,
netdev@...r.kernel.org, netfilter-devel@...r.kernel.org
Subject: [PATCH bpf-next v3 1/9] bpf: Refactor bpf_check_mod_kfunc_call
Future commits adding more callbacks will implement the same pattern of
matching module owner of kfunc_btf_id_set, and then operating on more
sets inside the struct.
While the btf_id_set for check_kfunc_call wouldn't have been NULL so
far, future commits introduce sets that are optional, hence the common
code also checks whether the pointer is valid.
Note that we must continue search on owner match and btf_id_set_contains
returning false, since more entries may have same owner (which can be
NULL for built-in modules). To clarify this case, a comment is added, so
that future commits don't regress the search.
Signed-off-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
---
include/linux/btf.h | 12 +++++++++++-
kernel/bpf/btf.c | 27 +++++++++++++++++++--------
2 files changed, 30 insertions(+), 9 deletions(-)
diff --git a/include/linux/btf.h b/include/linux/btf.h
index acef6ef28768..d96e2859382e 100644
--- a/include/linux/btf.h
+++ b/include/linux/btf.h
@@ -320,9 +320,19 @@ static inline const char *btf_name_by_offset(const struct btf *btf,
}
#endif
+enum kfunc_btf_id_set_types {
+ BTF_SET_CHECK,
+ __BTF_SET_MAX,
+};
+
struct kfunc_btf_id_set {
struct list_head list;
- struct btf_id_set *set;
+ union {
+ struct btf_id_set *sets[__BTF_SET_MAX];
+ struct {
+ struct btf_id_set *set;
+ };
+ };
struct module *owner;
};
diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 27b7de538697..c9413d13ca91 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -6390,22 +6390,33 @@ void unregister_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
}
EXPORT_SYMBOL_GPL(unregister_kfunc_btf_id_set);
-bool bpf_check_mod_kfunc_call(struct kfunc_btf_id_list *klist, u32 kfunc_id,
- struct module *owner)
+/* Caller must hold reference to module 'owner' */
+static bool kfunc_btf_id_set_contains(struct kfunc_btf_id_list *klist,
+ u32 kfunc_id, struct module *owner,
+ enum kfunc_btf_id_set_types type)
{
- struct kfunc_btf_id_set *s;
+ struct kfunc_btf_id_set *s = NULL;
+ bool ret = false;
- if (!owner)
+ if (type >= __BTF_SET_MAX)
return false;
mutex_lock(&klist->mutex);
list_for_each_entry(s, &klist->list, list) {
- if (s->owner == owner && btf_id_set_contains(s->set, kfunc_id)) {
- mutex_unlock(&klist->mutex);
- return true;
+ if (s->owner == owner && s->sets[type] &&
+ btf_id_set_contains(s->sets[type], kfunc_id)) {
+ ret = true;
+ break;
}
+ /* continue search, since multiple sets may have same owner */
}
mutex_unlock(&klist->mutex);
- return false;
+ return ret;
+}
+
+bool bpf_check_mod_kfunc_call(struct kfunc_btf_id_list *klist, u32 kfunc_id,
+ struct module *owner)
+{
+ return kfunc_btf_id_set_contains(klist, kfunc_id, owner, BTF_SET_CHECK);
}
#endif
--
2.34.1
Powered by blists - more mailing lists