On Wed, Oct 9, 2019 at 9:15 PM Alexei Starovoitov <ast@xxxxxxxxxx> wrote: > > If in-kernel BTF exists parse it and prepare 'struct btf *btf_vmlinux' > for further use by the verifier. > In-kernel BTF is trusted just like kallsyms and other build artifacts > embedded into vmlinux. > Yet run this BTF image through BTF verifier to make sure > that it is valid and it wasn't mangled during the build. > If in-kernel BTF is incorrect it means either gcc or pahole or kernel > are buggy. In such case disallow loading BPF programs. > > Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx> > --- Acked-by: Andrii Nakryiko <andriin@xxxxxx> > include/linux/bpf_verifier.h | 4 +- > include/linux/btf.h | 1 + > kernel/bpf/btf.c | 71 +++++++++++++++++++++++++++++++++++- > kernel/bpf/verifier.c | 20 ++++++++++ > 4 files changed, 94 insertions(+), 2 deletions(-) > [...]
