This is part 3 of https://lore.kernel.org/all/20230119235833.2948341-1-void@xxxxxxxxxxxxx/ Part 2: https://lore.kernel.org/bpf/20230120192523.3650503-1-void@xxxxxxxxxxxxx/ This series is based off of commit b613d335a743 ("bpf: Allow trusted args to walk struct when checking BTF IDs"). Changelog: ---------- v2 -> v3: - Rebase onto master (commit described above). Only conflict that required resolution was updating the task_kfunc selftest suite error message location. - Put copyright onto one line in kernel/bpf/cpumask.c. - Remove now-unneeded pid-checking logic from progs/nested_trust_success.c. - Fix a couple of small grammatical typos in documentation. v1 -> v2: - Put back 'static' keyword in bpf_find_btf_id() (kernel test robot <lkp@xxxxxxxxx>) - Surround cpumask kfuncs in __diag() blocks to avoid no-prototype build warnings (kernel test robot <lkp@xxxxxxxxx>) - Enable ___init suffixes to a type definition to signal that a type is a nocast alias of another type. That is, that when passed to a kfunc that expects one of the two types, the verifier will reject the other even if they're equivalent according to the C standard (Kumar and Alexei) - Reject NULL for all trusted args, not just PTR_TO_MEM (Kumar) - Reject both NULL and PTR_MAYBE_NULL for all trusted args (Kumar and Alexei ) - Improve examples given in cpumask documentation (Alexei) - Use __success macro for nested_trust test (Alexei) - Fix comment typo in struct bpf_cpumask comment header. - Fix another example in the bpf_cpumask doc examples. - Add documentation for ___init suffix change mentioned above. David Vernet (7): bpf: Disallow NULLable pointers for trusted kfuncs bpf: Enable cpumasks to be queried and used as kptrs selftests/bpf: Add nested trust selftests suite selftests/bpf: Add selftest suite for cpumask kfuncs bpf/docs: Document cpumask kfuncs in a new file bpf/docs: Document how nested trusted fields may be defined bpf/docs: Document the nocast aliasing behavior of ___init Documentation/bpf/cpumasks.rst | 393 +++++++++++++++ Documentation/bpf/index.rst | 1 + Documentation/bpf/kfuncs.rst | 76 ++- kernel/bpf/Makefile | 1 + kernel/bpf/cpumask.c | 476 ++++++++++++++++++ kernel/bpf/verifier.c | 6 + tools/testing/selftests/bpf/DENYLIST.s390x | 2 + .../selftests/bpf/prog_tests/cgrp_kfunc.c | 4 +- .../selftests/bpf/prog_tests/cpumask.c | 74 +++ .../selftests/bpf/prog_tests/nested_trust.c | 12 + .../selftests/bpf/progs/cpumask_common.h | 114 +++++ .../selftests/bpf/progs/cpumask_failure.c | 126 +++++ .../selftests/bpf/progs/cpumask_success.c | 426 ++++++++++++++++ .../selftests/bpf/progs/nested_trust_common.h | 12 + .../bpf/progs/nested_trust_failure.c | 33 ++ .../bpf/progs/nested_trust_success.c | 19 + .../selftests/bpf/progs/task_kfunc_failure.c | 4 +- 17 files changed, 1774 insertions(+), 5 deletions(-) create mode 100644 Documentation/bpf/cpumasks.rst create mode 100644 kernel/bpf/cpumask.c create mode 100644 tools/testing/selftests/bpf/prog_tests/cpumask.c create mode 100644 tools/testing/selftests/bpf/prog_tests/nested_trust.c create mode 100644 tools/testing/selftests/bpf/progs/cpumask_common.h create mode 100644 tools/testing/selftests/bpf/progs/cpumask_failure.c create mode 100644 tools/testing/selftests/bpf/progs/cpumask_success.c create mode 100644 tools/testing/selftests/bpf/progs/nested_trust_common.h create mode 100644 tools/testing/selftests/bpf/progs/nested_trust_failure.c create mode 100644 tools/testing/selftests/bpf/progs/nested_trust_success.c -- 2.39.0
