From: Arnd Bergmann arnd@arndb.de
bpf_probe_read_kernel() has a __weak definition in core.c and another definition with an incompatible prototype in kernel/trace/bpf_trace.c, when CONFIG_BPF_EVENTS is enabled.
Since the two are incompatible, there cannot be a shared declaration in a header file, but the lack of a prototype causes a W=1 warning:
kernel/bpf/core.c:1638:12: error: no previous prototype for 'bpf_probe_read_kernel' [-Werror=missing-prototypes]
Change the core.c file to only reference the inner bpf_probe_read_kernel_common() helper and provide a prototype for that.
Aside from the warning, this addresses a bug on 32-bit architectures from incorrect argument passing with the mismatched prototype.
Cc: stable@vger.kernel.org Signed-off-by: Arnd Bergmann arnd@arndb.de -- v2: rewrite completely to fix the mismatch. --- include/linux/bpf.h | 2 ++ kernel/bpf/core.c | 9 ++++++--- kernel/trace/bpf_trace.c | 3 +-- 3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 36e4b2d8cca2..6a231ec61a87 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -2619,6 +2619,8 @@ static inline void bpf_dynptr_set_rdonly(struct bpf_dynptr_kern *ptr) } #endif /* CONFIG_BPF_SYSCALL */
+int bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr); + void __bpf_free_used_btfs(struct bpf_prog_aux *aux, struct btf_mod_pair *used_btfs, u32 len);
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 0926714641eb..e7f0d5f146fa 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -35,6 +35,7 @@ #include <linux/bpf_verifier.h> #include <linux/nodemask.h> #include <linux/nospec.h> +#include <linux/bpf.h> #include <linux/bpf_mem_alloc.h> #include <linux/memcontrol.h>
@@ -1635,11 +1636,13 @@ bool bpf_opcode_in_insntable(u8 code) }
#ifndef CONFIG_BPF_JIT_ALWAYS_ON -u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr) +#ifndef CONFIG_BPF_EVENTS +int bpf_probe_read_kernel_common(void * dst, u32 size, const void *unsafe_ptr) { memset(dst, 0, size); return -EFAULT; } +#endif
/** * ___bpf_prog_run - run eBPF program on a given context @@ -1931,8 +1934,8 @@ static u64 ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn) DST = *(SIZE *)(unsigned long) (SRC + insn->off); \ CONT; \ LDX_PROBE_MEM_##SIZEOP: \ - bpf_probe_read_kernel(&DST, sizeof(SIZE), \ - (const void *)(long) (SRC + insn->off)); \ + bpf_probe_read_kernel_common(&DST, sizeof(SIZE), \ + (const void *)(long) (SRC + insn->off)); \ DST = *((SIZE *)&DST); \ CONT;
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 2bc41e6ac9fe..290fdce2ce53 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -223,8 +223,7 @@ const struct bpf_func_proto bpf_probe_read_user_str_proto = { .arg3_type = ARG_ANYTHING, };
-static __always_inline int -bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr) +int bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr) { int ret;
On 5/23/23 12:43 PM, Arnd Bergmann wrote:
From: Arnd Bergmann arnd@arndb.de
bpf_probe_read_kernel() has a __weak definition in core.c and another definition with an incompatible prototype in kernel/trace/bpf_trace.c, when CONFIG_BPF_EVENTS is enabled.
Since the two are incompatible, there cannot be a shared declaration in a header file, but the lack of a prototype causes a W=1 warning:
kernel/bpf/core.c:1638:12: error: no previous prototype for 'bpf_probe_read_kernel' [-Werror=missing-prototypes]
Change the core.c file to only reference the inner bpf_probe_read_kernel_common() helper and provide a prototype for that.
Aside from the warning, this addresses a bug on 32-bit architectures from incorrect argument passing with the mismatched prototype.
Could you explain what is this '32-bit architectures ... incorrect argument passing' thing?
Cc: stable@vger.kernel.org Signed-off-by: Arnd Bergmann arnd@arndb.de -- v2: rewrite completely to fix the mismatch.
include/linux/bpf.h | 2 ++ kernel/bpf/core.c | 9 ++++++--- kernel/trace/bpf_trace.c | 3 +-- 3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 36e4b2d8cca2..6a231ec61a87 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -2619,6 +2619,8 @@ static inline void bpf_dynptr_set_rdonly(struct bpf_dynptr_kern *ptr) } #endif /* CONFIG_BPF_SYSCALL */ +int bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr);
- void __bpf_free_used_btfs(struct bpf_prog_aux *aux, struct btf_mod_pair *used_btfs, u32 len);
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 0926714641eb..e7f0d5f146fa 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -35,6 +35,7 @@ #include <linux/bpf_verifier.h> #include <linux/nodemask.h> #include <linux/nospec.h> +#include <linux/bpf.h> #include <linux/bpf_mem_alloc.h> #include <linux/memcontrol.h> @@ -1635,11 +1636,13 @@ bool bpf_opcode_in_insntable(u8 code) } #ifndef CONFIG_BPF_JIT_ALWAYS_ON -u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr) +#ifndef CONFIG_BPF_EVENTS +int bpf_probe_read_kernel_common(void * dst, u32 size, const void *unsafe_ptr)
void * dst => void *dst
{ memset(dst, 0, size); return -EFAULT; } +#endif /**
- ___bpf_prog_run - run eBPF program on a given context
@@ -1931,8 +1934,8 @@ static u64 ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn) DST = *(SIZE *)(unsigned long) (SRC + insn->off); \ CONT; \ LDX_PROBE_MEM_##SIZEOP: \
bpf_probe_read_kernel(&DST, sizeof(SIZE), \(const void *)(long) (SRC + insn->off)); \
bpf_probe_read_kernel_common(&DST, sizeof(SIZE), \(const void *)(long) (SRC + insn->off)); \diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 2bc41e6ac9fe..290fdce2ce53 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -223,8 +223,7 @@ const struct bpf_func_proto bpf_probe_read_user_str_proto = { .arg3_type = ARG_ANYTHING, }; -static __always_inline int -bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr) +int bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr) { int ret;
On Wed, May 24, 2023, at 05:12, Yonghong Song wrote:
On 5/23/23 12:43 PM, Arnd Bergmann wrote:
Aside from the warning, this addresses a bug on 32-bit architectures from incorrect argument passing with the mismatched prototype.
Could you explain what is this '32-bit architectures ... incorrect argument passing' thing?
I've expanded that paragraph now:
| Aside from the warning, this addresses a bug on 32-bit architectures | from incorrect argument passing with the mismatched prototype: | BPF_CALL_x() functions use 64-bit arguments that are passed in | pairs of register or on the stack on 32-bit architectures, while the | normal function uses one register per argument.
Let me know if you think I should put more details in there.
@@ -1635,11 +1636,13 @@ bool bpf_opcode_in_insntable(u8 code) } #ifndef CONFIG_BPF_JIT_ALWAYS_ON -u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr) +#ifndef CONFIG_BPF_EVENTS +int bpf_probe_read_kernel_common(void * dst, u32 size, const void *unsafe_ptr)
void * dst => void *dst
Fixed now.
Thanks,
Arnd
On 5/24/23 6:28 AM, Arnd Bergmann wrote:
On Wed, May 24, 2023, at 05:12, Yonghong Song wrote:
On 5/23/23 12:43 PM, Arnd Bergmann wrote:
Aside from the warning, this addresses a bug on 32-bit architectures from incorrect argument passing with the mismatched prototype.
Could you explain what is this '32-bit architectures ... incorrect argument passing' thing?
I've expanded that paragraph now:
| Aside from the warning, this addresses a bug on 32-bit architectures | from incorrect argument passing with the mismatched prototype: | BPF_CALL_x() functions use 64-bit arguments that are passed in | pairs of register or on the stack on 32-bit architectures, while the | normal function uses one register per argument.
Let me know if you think I should put more details in there.
Please mention the function you try to address for the bug on 32-bit architecture is:
u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr)
which will be incompatible with BPF_CALL_3(bpf_probe_read_kernel, void *, dst, u32, size, const void *, unsafe_ptr) in bpf_trace.c.
So you fixed this bug by using internal function bpf_probe_read_kernel_common() instead.
Thanks.
@@ -1635,11 +1636,13 @@ bool bpf_opcode_in_insntable(u8 code) } #ifndef CONFIG_BPF_JIT_ALWAYS_ON -u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr) +#ifndef CONFIG_BPF_EVENTS +int bpf_probe_read_kernel_common(void * dst, u32 size, const void *unsafe_ptr)
void * dst => void *dst
Fixed now.
Thanks,
Arnd
linux-stable-mirror@lists.linaro.org
-
Arnd Bergmann -
Arnd Bergmann -
Yonghong Song