Hi,
On 12/14/2023 7:32 AM, Andrii Nakryiko wrote:
> On Wed, Dec 13, 2023 at 3:24 AM Hou Tao <houtao@xxxxxxxxxxxxxxx> wrote:
>> From: Hou Tao <houtao1@xxxxxxxxxx>
>>
>> An abnormally big cnt may also be assigned to kprobe_multi.cnt when
>> attaching multiple kprobes. It will trigger the following warning in
>> kvmalloc_node():
>>
>> if (unlikely(size > INT_MAX)) {
>> WARN_ON_ONCE(!(flags & __GFP_NOWARN));
>> return NULL;
>> }
>>
>> Fix the warning by limiting the maximal number of kprobes in
>> bpf_kprobe_multi_link_attach().
>>
>> Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
>> Signed-off-by: Hou Tao <houtao1@xxxxxxxxxx>
>> ---
>> kernel/trace/bpf_trace.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
>> index 2d1201f7b554..944678529f5c 100644
>> --- a/kernel/trace/bpf_trace.c
>> +++ b/kernel/trace/bpf_trace.c
>> @@ -43,6 +43,7 @@
>> rcu_dereference_protected(p, lockdep_is_held(&bpf_event_mutex))
>>
>> #define MAX_UPROBE_MULTI_CNT (1U << 20)
>> +#define MAX_KPROBE_MULTI_CNT (1U << 20)
>>
>> #ifdef CONFIG_MODULES
>> struct bpf_trace_module {
>> @@ -2970,7 +2971,7 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
>> return -EINVAL;
>>
>> cnt = attr->link_create.kprobe_multi.cnt;
>> - if (!cnt)
>> + if (!cnt || cnt > MAX_KPROBE_MULTI_CNT)
>> return -EINVAL;
> let's return -E2BIG for `cnt > MAX` cases? Same in another patch
Good point. Will do in v3.
>> size = cnt * sizeof(*addrs);
>> --
>> 2.29.2
>>
