Re: [bug report] bpf: Support ->fill_link_info for perf_event

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jul 17, 2023 at 5:14 PM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
>
> Hello Yafang Shao,
>
> The patch 1b715e1b0ec5: "bpf: Support ->fill_link_info for
> perf_event" from Jul 9, 2023, leads to the following Smatch static
> checker warning:
>
>         kernel/bpf/syscall.c:3416 bpf_perf_link_fill_kprobe()
>         error: uninitialized symbol 'type'.

Thanks for your report !

>
> kernel/bpf/syscall.c
>     3402 static int bpf_perf_link_fill_kprobe(const struct perf_event *event,
>     3403                                      struct bpf_link_info *info)
>     3404 {
>     3405         char __user *uname;
>     3406         u64 addr, offset;
>     3407         u32 ulen, type;
>     3408         int err;
>     3409
>     3410         uname = u64_to_user_ptr(info->perf_event.kprobe.func_name);
>     3411         ulen = info->perf_event.kprobe.name_len;
>     3412         err = bpf_perf_link_fill_common(event, uname, ulen, &offset, &addr,
>     3413                                         &type);
>     3414         if (err)
>     3415                 return err;
> --> 3416         if (type == BPF_FD_TYPE_KRETPROBE)
>
> It looks like you could call bpf_get_perf_event_info() without it
> initializing *fd_type to anything.

It can only happen when uname==NULL.  So I think the change below can fix it.

diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index ee8cb1a..3c29211 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -3374,16 +3374,16 @@ static int bpf_perf_link_fill_common(const
struct perf_event *event,
        size_t len;
        int err;

-       if (!ulen ^ !uname)
-               return -EINVAL;
-       if (!uname)
-               return 0;
-
        err = bpf_get_perf_event_info(event, &prog_id, fd_type, &buf,
                                      probe_offset, probe_addr);
        if (err)
                return err;

+       if (!ulen ^ !uname)
+               return -EINVAL;
+       if (!uname)
+               return 0;
+
        if (buf) {
                len = strlen(buf);
                err = bpf_copy_to_user(uname, buf, ulen, len);


>  Meanwhile if you initialize it to
> zero here, that won't even affect the compiled code at all because
> everyone zeroes stack data these days.
>
>     3417                 info->perf_event.type = BPF_PERF_EVENT_KRETPROBE;
>     3418         else
>     3419                 info->perf_event.type = BPF_PERF_EVENT_KPROBE;
>     3420
>     3421         info->perf_event.kprobe.offset = offset;
>     3422         if (!kallsyms_show_value(current_cred()))
>     3423                 addr = 0;
>     3424         info->perf_event.kprobe.addr = addr;
>     3425         return 0;
>     3426 }
>
> regards,
> dan carpenter



-- 
Regards
Yafang
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux