On Sun, Jun 18, 2023 at 6:14 AM Jiri Olsa <jolsa@xxxxxxxxxx> wrote:
>
> We currently allow to create perf link for program with
> expected_attach_type == BPF_TRACE_KPROBE_MULTI.
>
> This will cause crash when we call helpers like get_attach_cookie or
> get_func_ip in such program, because it will call the kprobe_multi's
> version (current->bpf_ctx context setup) of those helpers while it
> expects perf_link's current->bpf_ctx context setup.
>
> Making sure that we use BPF_TRACE_KPROBE_MULTI expected_attach_type
> only for programs attaching through kprobe_multi link.
>
> Fixes: ca74823c6e16 ("bpf: Add cookie support to programs attached with kprobe multi link")
> Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx>
> ---
> kernel/bpf/syscall.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> v2 changes:
> - moved the check to bpf_prog_attach_check_attach_type [Andrii]
>
> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> index 0c21d0d8efe4..129cc5c276c0 100644
> --- a/kernel/bpf/syscall.c
> +++ b/kernel/bpf/syscall.c
> @@ -3440,6 +3440,11 @@ static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog,
> return prog->enforce_expected_attach_type &&
> prog->expected_attach_type != attach_type ?
> -EINVAL : 0;
> + case BPF_PROG_TYPE_KPROBE:
> + if (prog->expected_attach_type == BPF_TRACE_KPROBE_MULTI &&
> + attach_type != BPF_TRACE_KPROBE_MULTI)
> + return -EINVAL;
> + fallthrough;
there is no point in falling through (other branches return without
falling through as well), so I replaced this with `return 0;` and
applied to bpf tree, thanks.
> default:
> return 0;
> }
> --
> 2.41.0
>
