Re: [PATCH v2 bpf-next 2/7] libbpf: fix __arg_ctx type enforcement for perf_event programs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Jan 26, 2024 at 1:32 PM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
>
> On Fri, 2024-01-26 at 11:06 -0800, Andrii Nakryiko wrote:
> > On Fri, Jan 26, 2024 at 5:24 AM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
> > >
> > > On Thu, 2024-01-25 at 12:55 -0800, Andrii Nakryiko wrote:
> > > [...]
> > >
> > > > @@ -6379,11 +6388,21 @@ static bool need_func_arg_type_fixup(const struct btf *btf, const struct bpf_pro
> > > >       /* special cases */
> > > >       switch (prog->type) {
> > > >       case BPF_PROG_TYPE_KPROBE:
> > > > -     case BPF_PROG_TYPE_PERF_EVENT:
> > > >               /* `struct pt_regs *` is expected, but we need to fix up */
> > > >               if (btf_is_struct(t) && strcmp(tname, "pt_regs") == 0)
> > > >                       return true;
> > > >               break;
> > >
> > > Sorry, this was probably discussed, but I got lost a bit.
> > > Kernel side does not change pt_regs for BPF_PROG_TYPE_KPROBE
> > > (in ./kernel/bpf/btf.c:btf_validate_prog_ctx_type)
> > > but here we do, why do it differently?
> > >
> >
> > Hm... We do the same. After this patch w end up with this logic on
> > libbpf side (which matches kernel-side one, I believe):
> >
> > for KPROBE => allow pt_regs (unconditionally)
> > for PERF_EVENT => allow user_regs_struct|user_pt_regs|pt_regs,
> > depending on bpf_user_pt_regs_t definition on host platform
> >
> > That should match what the kernel is doing.
>
> Oh..., I see:
> After (and before) this patch on libbpf side for KPROBE/pt_regs
> need_func_arg_type_fixup() would return true,
> thus bpf_program_fixup_func_info() would apply type transformation
> (convert it to bpf_user_pt_regs_t).
> And kernel before the arg:ctx series expected bpf_user_pt_regs_t
> for global subprograms called from KPROBE programs,
> hence old kernel would accept program with KPROBE/pt_regs
> thanks to libbpf manipulations.

Yep, with libbpf it's always a "time travel" kind of thinking, taking
into account old kernels.

>
> I was put off by need_func_arg_type_fixup() returning true,
> thus requiring change, and btf_validate_prog_ctx_type()
> just accepting pt_regs => not doing anything.
>
> Thank you for explaining.

Well... I didn't explain all the above, you pieced it all together yourself ;)
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux