[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ℹ️ This is part 05/10 of a series ⚠️ Found follow-up fixes in mainline
The upstream commit SHA1 provided is correct: 81f6d0530ba031b5f038a091619bf2ff29568852
WARNING: Author mismatch between patch and upstream commit: Backport author: Shung-Hsi Yushung-hsi.yu@suse.com Commit author: Eduard Zingermaneddyz87@gmail.com
Status in newer kernel trees: 6.14.y | Present (exact SHA1) 6.12.y | Present (different SHA1: 3846e2bea565)
Found fixes commits: ac6542ad9275 bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs
Note: The patch differs from the upstream commit: --- 1: 81f6d0530ba03 ! 1: 9b08cd4de7325 bpf: check changes_pkt_data property for extension programs @@ Metadata ## Commit message ## bpf: check changes_pkt_data property for extension programs
+ commit 81f6d0530ba031b5f038a091619bf2ff29568852 upstream. + When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changes_pkt_data property of the global sub-program. @@ Commit message Signed-off-by: Eduard Zingerman eddyz87@gmail.com Link: https://lore.kernel.org/r/20241210041100.1898468-6-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov ast@kernel.org + [ shung-hsi.yu: adapt to missing fields in "struct bpf_prog_aux". Context + difference in jit_subprogs() because BPF Exception is not supported. Context + difference in bpf_check() because commit 5b5f51bff1b6 "bpf: + no_caller_saved_registers attribute for helper calls" is not present. ] + Signed-off-by: Shung-Hsi Yu shung-hsi.yu@suse.com
## include/linux/bpf.h ## @@ include/linux/bpf.h: struct bpf_prog_aux { - bool is_extended; /* true if extended by freplace program */ - bool jits_use_priv_stack; - bool priv_stack_requested; + bool sleepable; + bool tail_call_reachable; + bool xdp_has_frags; + bool changes_pkt_data; - u64 prog_array_member_cnt; /* counts how many times as member of prog_array */ - struct mutex ext_mutex; /* mutex for is_extended and prog_array_member_cnt */ - struct bpf_arena *arena; + /* BTF_KIND_FUNC_PROTO for valid attach_btf_id */ + const struct btf_type *attach_func_proto; + /* function name for valid attach_btf_id */
## kernel/bpf/verifier.c ## @@ kernel/bpf/verifier.c: static int check_cfg(struct bpf_verifier_env *env) @@ kernel/bpf/verifier.c: static int check_cfg(struct bpf_verifier_env *env) err_free: kvfree(insn_state); @@ kernel/bpf/verifier.c: static int jit_subprogs(struct bpf_verifier_env *env) + } func[i]->aux->num_exentries = num_exentries; func[i]->aux->tail_call_reachable = env->subprog_info[i].tail_call_reachable; - func[i]->aux->exception_cb = env->subprog_info[i].is_exception_cb; + func[i]->aux->changes_pkt_data = env->subprog_info[i].changes_pkt_data; - if (!i) - func[i]->aux->exception_boundary = env->seen_exception; func[i] = bpf_int_jit_compile(func[i]); + if (!func[i]->jited) { + err = -ENOTSUPP; @@ kernel/bpf/verifier.c: int bpf_check_attach_target(struct bpf_verifier_log *log, "Extension programs should be JITed\n"); return -EINVAL; @@ kernel/bpf/verifier.c: int bpf_check(struct bpf_prog **prog, union bpf_attr *att + if (ret) + goto skip_full_check; + - ret = mark_fastcall_patterns(env); - if (ret < 0) - goto skip_full_check; + ret = do_check_subprogs(env); + ret = ret ?: do_check_main(env); + ---
NOTE: These results are for this patch alone. Full series testing will be performed when all parts are received.
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.12.y | Success | Success |