From patchwork Wed Nov 22 18:32:56 2017
X-Patchwork-Submitter: Gianluca Borello
X-Patchwork-Id: 840473
X-Patchwork-Delegate: bpf@iogearbox.net
From: Gianluca Borello
To: netdev@vger.kernel.org
Cc: daniel@iogearbox.net, ast@kernel.org, yhs@fb.com, Gianluca Borello
Subject: [PATCH net 4/4] bpf: change bpf_perf_event_output arg5 type to ARG_CONST_SIZE_OR_ZERO
Date: Wed, 22 Nov 2017 18:32:56 +0000
Message-Id: <20171122183256.7219-5-g.borello@gmail.com>
X-Mailer: git-send-email 2.15.0
In-Reply-To: <20171122183256.7219-1-g.borello@gmail.com>
References: <20171122183256.7219-1-g.borello@gmail.com>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: netdev@vger.kernel.org

Commit 9fd29c08e520 ("bpf: improve verifier ARG_CONST_SIZE_OR_ZERO
semantics") relaxed the treatment of ARG_CONST_SIZE_OR_ZERO due to the way
the compiler generates optimized BPF code when checking boundaries of an
argument from C code. A typical example of this optimized code can be
generated using the bpf_perf_event_output helper when operating on variable
memory:

/* len is a generic scalar */
if (len > 0 && len <= 0x7fff)
        bpf_perf_event_output(ctx, &perf_map, 0, buf, len);

110: (79) r5 = *(u64 *)(r10 -40)
111: (bf) r1 = r5
112: (07) r1 += -1
113: (25) if r1 > 0x7ffe goto pc+6
114: (bf) r1 = r6
115: (18) r2 = 0xffff94e5f166c200
117: (b7) r3 = 0
118: (bf) r4 = r7
119: (85) call bpf_perf_event_output#25
R5 min value is negative, either use unsigned or 'var &= const'

With this code, the verifier loses track of the variable.

Replacing arg5 with ARG_CONST_SIZE_OR_ZERO is thus desirable since it
avoids this quite common case which leads to usability issues, and the
compiler generates code that the verifier can more easily test:

if (len <= 0x7fff)
        bpf_perf_event_output(ctx, &perf_map, 0, buf, len);

or

bpf_perf_event_output(ctx, &perf_map, 0, buf, len & 0x7fff);

No changes to the bpf_perf_event_output helper are necessary since it can
handle a case where size is 0, and an empty frame is pushed.

Reported-by: Arnaldo Carvalho de Melo
Signed-off-by: Gianluca Borello Acked-by: Alexei Starovoitov Acked-by: Daniel Borkmann --- kernel/trace/bpf_trace.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 2.14.1 diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index ed8601a1a861..27d1f4ffa3de 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -403,7 +403,7 @@ static const struct bpf_func_proto bpf_perf_event_output_proto = { .arg2_type = ARG_CONST_MAP_PTR, .arg3_type = ARG_ANYTHING, .arg4_type = ARG_PTR_TO_MEM, - .arg5_type = ARG_CONST_SIZE, + .arg5_type = ARG_CONST_SIZE_OR_ZERO, }; static DEFINE_PER_CPU(struct pt_regs, bpf_pt_regs); @@ -605,7 +605,7 @@ static const struct bpf_func_proto bpf_perf_event_output_proto_tp = { .arg2_type = ARG_CONST_MAP_PTR, .arg3_type = ARG_ANYTHING, .arg4_type = ARG_PTR_TO_MEM, - .arg5_type = ARG_CONST_SIZE, + .arg5_type = ARG_CONST_SIZE_OR_ZERO, }; BPF_CALL_3(bpf_get_stackid_tp, void *, tp_buff, struct bpf_map *, map,
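
Review bot: in the @@ -403,7 hunk, changing .arg5_type to ARG_CONST_SIZE_OR_ZERO makes a zero-length sample a verifier-accepted input, yet the diffstat shows only kernel/trace/bpf_trace.c changing, so this patch carries no test for the newly accepted case. Since .arg4_type stays ARG_PTR_TO_MEM, a verifier test that calls the helper with a valid buffer and size 0, plus one using the `if (len <= 0x7fff)` form from the commit message, would pin down what is now allowed. A short comment next to the proto noting that an empty frame is pushed for size 0 would also help people writing perf buffer consumers, who may not expect empty records.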
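
Review bot: in the @@ -605,7 hunk, bpf_perf_event_output_proto_tp gets the same relaxation, but the commit message only argues that the bpf_perf_event_output helper handles size 0 and never mentions the tracepoint proto. Please say in the commit message that the size 0 case was checked for the _tp variant as well, or that it goes through the same code path, so the justification covers both protos changed here.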