Message-Id: <20250422-xdp-prog-bound-fix-v1-1-0b581fa186fe@kernel.org>
Date: Tue, 22 Apr 2025 23:14:52 +0200
From: Lorenzo Bianconi <lorenzo@...nel.org>
To: Alexei Starovoitov <ast@...nel.org>, 
 Daniel Borkmann <daniel@...earbox.net>, 
 John Fastabend <john.fastabend@...il.com>, 
 Andrii Nakryiko <andrii@...nel.org>, 
 Martin KaFai Lau <martin.lau@...ux.dev>, 
 Eduard Zingerman <eddyz87@...il.com>, Song Liu <song@...nel.org>, 
 Yonghong Song <yonghong.song@...ux.dev>, KP Singh <kpsingh@...nel.org>, 
 Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>, 
 Jiri Olsa <jolsa@...nel.org>, "David S. Miller" <davem@...emloft.net>, 
 Jakub Kicinski <kuba@...nel.org>, Jesper Dangaard Brouer <hawk@...nel.org>
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org, 
 Lorenzo Bianconi <lorenzo@...nel.org>
Subject: [PATCH bpf-next] bpf: Allow XDP dev bounded program to perform
 XDP_REDIRECT into maps

In the current implementation, if the program is bound to a specific
device, it will not be possible to perform XDP_REDIRECT into a DEVMAP
or CPUMAP even if the program is not attached to the map entry. This
seems in contrast with the explanation available in the
bpf_prog_map_compatible routine. Fix the issue by also taking into
account the attach program type, and allow an XDP dev-bound program to
perform XDP_REDIRECT into maps if the attach type is not BPF_XDP_DEVMAP
or BPF_XDP_CPUMAP.

Fixes: 3d76a4d3d4e59 ("bpf: XDP metadata RX kfuncs")
Signed-off-by: Lorenzo Bianconi <lorenzo@...nel.org>
---
 kernel/bpf/core.c | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index ba6b6118cf504041278d05417c4212d57be6fca0..a33175efffc377edbfe281397017eb467bfbcce9 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -2358,6 +2358,26 @@ static unsigned int __bpf_prog_ret0_warn(const void *ctx,
 	return 0;
 }
 
+static bool bpf_prog_dev_bound_map_compatible(struct bpf_map *map,
+					      const struct bpf_prog *prog)
+{
+	if (!bpf_prog_is_dev_bound(prog->aux))
+		return true;
+
+	if (map->map_type == BPF_MAP_TYPE_PROG_ARRAY)
+		return false;
+
+	if (map->map_type == BPF_MAP_TYPE_DEVMAP &&
+	    prog->expected_attach_type != BPF_XDP_DEVMAP)
+		return true;
+
+	if (map->map_type == BPF_MAP_TYPE_CPUMAP &&
+	    prog->expected_attach_type != BPF_XDP_CPUMAP)
+		return true;
+
+	return false;
+}
+
 bool bpf_prog_map_compatible(struct bpf_map *map,
 			     const struct bpf_prog *fp)
 {
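Review bot: the explicit `BPF_MAP_TYPE_PROG_ARRAY` branch in bpf_prog_dev_bound_map_compatible() is redundant, because the final `return false` already rejects every map type other than DEVMAP and CPUMAP for a dev-bound program. A `switch (map->map_type)` with DEVMAP and CPUMAP cases and a default of `false` would make the default-deny intent obvious. The helper also has no comment: please state above it that a dev-bound program is accepted only when it uses the map as a redirect target, and note where a program with a different `expected_attach_type` is prevented from being installed into a devmap or cpumap entry, since this function now returns true for that combination.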
@@ -2373,7 +2393,7 @@ bool bpf_prog_map_compatible(struct bpf_map *map,
 	 * in the case of devmap and cpumap). Until device checks
 	 * are implemented, prohibit adding dev-bound programs to program maps.
 	 */
-	if (bpf_prog_is_dev_bound(aux))
+	if (!bpf_prog_dev_bound_map_compatible(map, fp))
 		return false;
 
 	spin_lock(&map->owner.lock);
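Review bot: the comment directly above the changed condition still ends with "Until device checks are implemented, prohibit adding dev-bound programs to program maps", which no longer matches the code once `bpf_prog_dev_bound_map_compatible(map, fp)` lets dev-bound programs through for DEVMAP and CPUMAP. Please update the comment in the same patch so it describes the attach-type exception. The diffstat shows only kernel/bpf/core.c changing, so a selftest that loads a dev-bound XDP program redirecting into a DEVMAP and a CPUMAP, plus a negative case with `BPF_XDP_DEVMAP` / `BPF_XDP_CPUMAP` attach types, would be worth adding alongside.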

---
base-commit: 5709be4c35ba760b001733939e20069de033a697
change-id: 20250422-xdp-prog-bound-fix-9f30f3e134aa

Best regards,
-- 
Lorenzo Bianconi <lorenzo@...nel.org>

