| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAL+tcoDJfy+SjVKF==fKLVVdr8qE0mJ2WWzGozN4f=OLX6ip1A@mail.gmail.com>
Date: Mon, 13 Jan 2025 08:28:21 +0800
From: Jason Xing <kerneljasonxing@...il.com>
To: kernel test robot <lkp@...el.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, dsahern@...nel.org, willemdebruijn.kernel@...il.com,
willemb@...gle.com, ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
martin.lau@...ux.dev, eddyz87@...il.com, song@...nel.org,
yonghong.song@...ux.dev, john.fastabend@...il.com, kpsingh@...nel.org,
sdf@...ichev.me, haoluo@...gle.com, jolsa@...nel.org, horms@...nel.org,
llvm@...ts.linux.dev, oe-kbuild-all@...ts.linux.dev, bpf@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH net-next v5 05/15] net-timestamp: add strict check in some
BPF calls
On Sun, Jan 12, 2025 at 10:39 PM kernel test robot <lkp@...el.com> wrote:
>
> Hi Jason,
>
> kernel test robot noticed the following build warnings:
>
> [auto build test WARNING on net-next/main]
>
> url: https://github.com/intel-lab-lkp/linux/commits/Jason-Xing/net-timestamp-add-support-for-bpf_setsockopt/20250112-194115
> base: net-next/main
> patch link: https://lore.kernel.org/r/20250112113748.73504-6-kerneljasonxing%40gmail.com
> patch subject: [PATCH net-next v5 05/15] net-timestamp: add strict check in some BPF calls
> config: i386-buildonly-randconfig-006-20250112 (https://download.01.org/0day-ci/archive/20250112/202501122251.7G2Wsbzx-lkp@intel.com/config)
> compiler: clang version 19.1.3 (https://github.com/llvm/llvm-project ab51eccf88f5321e7c60591c5546b254b6afab99)
> reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250112/202501122251.7G2Wsbzx-lkp@intel.com/reproduce)
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@...el.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202501122251.7G2Wsbzx-lkp@intel.com/
>
> All warnings (new ones prefixed by >>):
>
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:4863:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 4863 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:4891:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 4891 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5063:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5063 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5077:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5077 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5126:45: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5126 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON | PTR_MAYBE_NULL,
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~
> net/core/filter.c:5592:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5592 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5626:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5626 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5660:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5660 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5703:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5703 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:5880:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 5880 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6417:46: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6417 | .arg3_type = ARG_PTR_TO_FIXED_SIZE_MEM | MEM_WRITE | MEM_ALIGNED,
> | ~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~
> net/core/filter.c:6429:46: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6429 | .arg3_type = ARG_PTR_TO_FIXED_SIZE_MEM | MEM_WRITE | MEM_ALIGNED,
> | ~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~
> net/core/filter.c:6515:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6515 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6525:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6525 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6569:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6569 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6658:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6658 | .arg3_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6902:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6902 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6921:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6921 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6940:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6940 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6964:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6964 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:6988:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 6988 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7012:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7012 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7029:45: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7029 | .arg1_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON | OBJ_RELEASE,
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~
> net/core/filter.c:7050:35: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7050 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7074:35: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7074 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7098:35: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7098 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7118:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7118 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7137:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7137 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7156:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7156 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7474:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7474 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7476:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7476 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7543:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7543 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> net/core/filter.c:7545:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7545 | .arg4_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> >> net/core/filter.c:7631:19: warning: result of comparison of constant 'SK_BPF_CB_FLAGS' (1009) with expression of type 'u8' (aka 'unsigned char') is always true [-Wtautological-constant-out-of-range-compare]
> 7631 | if (bpf_sock->op != SK_BPF_CB_FLAGS)
> | ~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~
> net/core/filter.c:7777:30: warning: bitwise operation between different enumeration types ('enum bpf_arg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion]
> 7777 | .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY,
> | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~
> 41 warnings generated.
>
>
> vim +7631 net/core/filter.c
>
> 7622
> 7623 BPF_CALL_4(bpf_sock_ops_load_hdr_opt, struct bpf_sock_ops_kern *, bpf_sock,
> 7624 void *, search_res, u32, len, u64, flags)
> 7625 {
> 7626 bool eol, load_syn = flags & BPF_LOAD_HDR_OPT_TCP_SYN;
> 7627 const u8 *op, *opend, *magic, *search = search_res;
> 7628 u8 search_kind, search_len, copy_len, magic_len;
> 7629 int ret;
> 7630
> > 7631 if (bpf_sock->op != SK_BPF_CB_FLAGS)
Oops, I realized that SK_BPF_CB_FLAGS cannot be used by "op". I'll
aggregate all the callbacks used by timestamping and use to test them
here like the following patch to avoid calling these helpers in the
context of timestamping callback.
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 87420c0f2235..9e6a782b4042 100644
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -7022,6 +7022,10 @@ enum {
* by the kernel or the
* earlier bpf-progs.
*/
+#define BPF_SOCK_OPTS_TS (BPF_SOCK_OPS_TS_SCHED_OPT_CB | \
+ BPF_SOCK_OPS_TS_SW_OPT_CB | \
+ BPF_SOCK_OPS_TS_ACK_OPT_CB | \
+ BPF_SOCK_OPS_TS_TCP_SND_CB)
BPF_SOCK_OPS_TS_SCHED_OPT_CB, /* Called when skb is passing through
* dev layer when SO_TIMESTAMPING
* feature is on. It indicates the
diff --git a/net/core/filter.c b/net/core/filter.c
index 517f09aabc92..1fcd88b558f4 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -7628,7 +7628,7 @@ BPF_CALL_4(bpf_sock_ops_load_hdr_opt, struct
bpf_sock_ops_kern *, bpf_sock,
u8 search_kind, search_len, copy_len, magic_len;
int ret;
- if (bpf_sock->op != SK_BPF_CB_FLAGS)
+ if (bpf_sock->op != BPF_SOCK_OPTS_TS)
return -EINVAL;
/* 2 byte is the minimal option len except TCPOPT_NOP and
Thanks,
Jason
> 7632 return -EINVAL;
> 7633
> 7634 /* 2 byte is the minimal option len except TCPOPT_NOP and
> 7635 * TCPOPT_EOL which are useless for the bpf prog to learn
> 7636 * and this helper disallow loading them also.
> 7637 */
> 7638 if (len < 2 || flags & ~BPF_LOAD_HDR_OPT_TCP_SYN)
> 7639 return -EINVAL;
> 7640
> 7641 search_kind = search[0];
> 7642 search_len = search[1];
> 7643
> 7644 if (search_len > len || search_kind == TCPOPT_NOP ||
> 7645 search_kind == TCPOPT_EOL)
> 7646 return -EINVAL;
> 7647
> 7648 if (search_kind == TCPOPT_EXP || search_kind == 253) {
> 7649 /* 16 or 32 bit magic. +2 for kind and kind length */
> 7650 if (search_len != 4 && search_len != 6)
> 7651 return -EINVAL;
> 7652 magic = &search[2];
> 7653 magic_len = search_len - 2;
> 7654 } else {
> 7655 if (search_len)
> 7656 return -EINVAL;
> 7657 magic = NULL;
> 7658 magic_len = 0;
> 7659 }
> 7660
> 7661 if (load_syn) {
> 7662 ret = bpf_sock_ops_get_syn(bpf_sock, TCP_BPF_SYN, &op);
> 7663 if (ret < 0)
> 7664 return ret;
> 7665
> 7666 opend = op + ret;
> 7667 op += sizeof(struct tcphdr);
> 7668 } else {
> 7669 if (!bpf_sock->skb ||
> 7670 bpf_sock->op == BPF_SOCK_OPS_HDR_OPT_LEN_CB)
> 7671 /* This bpf_sock->op cannot call this helper */
> 7672 return -EPERM;
> 7673
> 7674 opend = bpf_sock->skb_data_end;
> 7675 op = bpf_sock->skb->data + sizeof(struct tcphdr);
> 7676 }
> 7677
> 7678 op = bpf_search_tcp_opt(op, opend, search_kind, magic, magic_len,
> 7679 &eol);
> 7680 if (IS_ERR(op))
> 7681 return PTR_ERR(op);
> 7682
> 7683 copy_len = op[1];
> 7684 ret = copy_len;
> 7685 if (copy_len > len) {
> 7686 ret = -ENOSPC;
> 7687 copy_len = len;
> 7688 }
> 7689
> 7690 memcpy(search_res, op, copy_len);
> 7691 return ret;
> 7692 }
> 7693
>
> --
> 0-DAY CI Kernel Test Service
> https://github.com/intel/lkp-tests/wiki
Powered by blists - more mailing lists