[PATCH v4 bpf-next 08/17] bpf: verify base BTF CRC to ensure it matches module BTF

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Having a base CRC in module BTF allows us to reject base BTF
that does not match that CRC; this allows us to recognize
incompatible BTF up-front, not having to rely on invalidation
due to internal mismatches in module/kernel BTF ids.

Signed-off-by: Alan Maguire <alan.maguire@xxxxxxxxxx>
---
 kernel/bpf/btf.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 96c553e40b43..a51dc3ef6a56 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -5369,6 +5369,24 @@ static int btf_parse_hdr(struct btf_verifier_env *env)
 			return -EINVAL;
 		}
 	}
+	if (hdr->flags & BTF_FLAG_BASE_CRC_SET) {
+		struct btf_header *base_hdr = &btf->base_btf->hdr;
+
+		if (!btf->base_btf) {
+			btf_verifier_log(env, "Specified base BTF CRC but no base BTF");
+			return -EINVAL;
+		}
+
+		if (!(base_hdr->flags & BTF_FLAG_CRC_SET)) {
+			btf_verifier_log(env, "Specified base BTF CRC but base BTF has no CRC");
+			return -EINVAL;
+		}
+		if (hdr->base_crc != base_hdr->crc) {
+			btf_verifier_log(env, "Specified base CRC 0x%x; differs from actual base CRC 0x%x\n",
+					 hdr->base_crc, base_hdr->crc);
+			return -EINVAL;
+		}
+	}
 	if (!btf->base_btf && btf_data_size == hdr->hdr_len) {
 		btf_verifier_log(env, "No data");
 		return -EINVAL;
-- 
2.31.1





[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux