Commit 5b92a28aae4d ("bpf: Support attaching tracing BPF program to other BPF programs")
added support to attach tracing bpf program to other bpf programs.
It had a bug when trying to get the address of the jited image
if the main program does not have any callees, resulting in
the following kernel segfault:

  ......
  [79162.619208] BUG: kernel NULL pointer dereference, address: 0000000000000000
  ......
  [79162.634255] Call Trace:
  [79162.634974]  ? _cond_resched+0x15/0x30
  [79162.635686]  ? kmem_cache_alloc_trace+0x162/0x220
  [79162.636398]  ? selinux_bpf_prog_alloc+0x1f/0x60
  [79162.637111]  bpf_prog_load+0x3de/0x690
  [79162.637809]  __do_sys_bpf+0x105/0x1740
  [79162.638488]  do_syscall_64+0x5b/0x180
  [79162.639147]  entry_SYSCALL_64_after_hwframe+0x44/0xa9

Patch #1 fixed the problem with more explanation in the commit message.
Patch #2 added a selftest which will fail without this patch.

Yonghong Song (2):
  bpf: fix a bug to get subprog 0 jited image in check_attach_btf_id
  selftests/bpf: add a fexit/bpf2bpf test with target bpf prog no callees

 kernel/bpf/verifier.c                         |  5 +-
 .../selftests/bpf/prog_tests/fexit_bpf2bpf.c  | 70 ++++++++++++++-----
 .../bpf/progs/fexit_bpf2bpf_simple.c          | 26 +++++++
 .../selftests/bpf/progs/test_pkt_md_access.c  |  4 +-
 4 files changed, 85 insertions(+), 20 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/fexit_bpf2bpf_simple.c

--
2.17.1