On Thu, Feb 8, 2024 at 7:53 AM Yonghong Song <yonghong.song@xxxxxxxxx> wrote:
>
>
> On 2/8/24 1:41 AM, Chuyi Zhou wrote:
> > Hello,
> >
> > 在 2024/2/8 17:09, Yafang Shao 写道:
> >> Failure to initialize it->pos, coupled with the presence of an invalid
> >> value in the flags variable, can lead to it->pos referencing an invalid
> >> task, potentially resulting in a kernel panic. To mitigate this risk,
> >> it's
> >> crucial to ensure proper initialization of it->pos to 0.
> >>
> >> Fixes: c68a78ffe2cb ("bpf: Introduce task open coded iterator kfuncs")
> >> Signed-off-by: Yafang Shao <laoar.shao@xxxxxxxxx>
> >> Cc: Chuyi Zhou <zhouchuyi@xxxxxxxxxxxxx>
> >> ---
> >> kernel/bpf/task_iter.c | 2 ++
> >> 1 file changed, 2 insertions(+)
> >>
> >> diff --git a/kernel/bpf/task_iter.c b/kernel/bpf/task_iter.c
> >> index e5c3500443c6..ec4e97c61eef 100644
> >> --- a/kernel/bpf/task_iter.c
> >> +++ b/kernel/bpf/task_iter.c
> >> @@ -978,6 +978,8 @@ __bpf_kfunc int bpf_iter_task_new(struct
> >> bpf_iter_task *it,
> >> BUILD_BUG_ON(__alignof__(struct bpf_iter_task_kern) !=
> >> __alignof__(struct bpf_iter_task));
> >> + kit->pos = NULL;
> >> +
> >> switch (flags) {
> >> case BPF_TASK_ITER_ALL_THREADS:
> >> case BPF_TASK_ITER_ALL_PROCS:
> >
> > LGTM.
> >
> > Actually commit c68a78ffe2c ("bpf: Introduce task open coded iterator
> > kfuncs") initialize it->pos to NULL. But it seems the following commit
> > ac8148d957f5043 ("bpf: bpf_iter_task_next: use next_task(kit->task)
> > rather than next_task(kit->pos)") drops this initialization.
>
> Sorry, I missed this during reviewing commit ac8148d957f5043.
> Your change LGTM.
Ohh. Pls cc Oleg when you respin.
> Acked-by: Yonghong Song <yonghong.song@xxxxxxxxx>
>
>
