Always allow sleepable and fmod_ret programs on syscalls#11318
Closed
kernel-patches-daemon-bpf[bot] wants to merge 3 commits intobpf-next_basefrom
Closed
Always allow sleepable and fmod_ret programs on syscalls#11318kernel-patches-daemon-bpf[bot] wants to merge 3 commits intobpf-next_basefrom
kernel-patches-daemon-bpf[bot] wants to merge 3 commits intobpf-next_basefrom
Conversation
Author
|
Upstream branch: 6dd780f |
Author
|
Upstream branch: 6dd780f |
kernel-patches-daemon-bpf
Bot
force-pushed
the
series/1062602=>bpf-next
branch
from
93ca2c4 to
4e2d2d9
Compare
kernel-patches-daemon-bpf
Bot
force-pushed
the
bpf-next_base
branch
from
59120bd to
94aca0b
Compare
Author
|
Upstream branch: 099bded |
kernel-patches-daemon-bpf
Bot
force-pushed
the
series/1062602=>bpf-next
branch
from
4e2d2d9 to
2f58532
Compare
Sleepable BPF programs can only be attached to selected functions. For convenience, the error injection list was originally used, which contains syscalls and several other functions. When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n), that list is empty and sleepable tracing programs are effectively unavailable. In such a case, at least enable sleepable programs on syscalls. For discussion why syscalls were chosen, see [1]. To detect that a function is a syscall handler, we check for arch-specific prefixes for the most common architectures. Unfortunately, the prefixes are hard-coded in arch syscall code so we need to hard-code them, too. [1] https://lore.kernel.org/bpf/CAADnVQK6qP8izg+k9yV0vdcT-+=axtFQ2fKw7D-2Ei-V6WS5Dw@mail.gmail.com/ Signed-off-by: Viktor Malik <vmalik@redhat.com> Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> Acked-by: Leon Hwang <leon.hwang@linux.dev>
fmod_ret BPF programs can only be attached to selected functions. For convenience, the error injection list was originally used (along with functions prefixed with "security_"), which contains syscalls and several other functions. When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n), that list is empty and fmod_ret programs are effectively unavailable for most of the functions. In such a case, at least enable fmod_ret programs on syscalls. Signed-off-by: Viktor Malik <vmalik@redhat.com> Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> Acked-by: Leon Hwang <leon.hwang@linux.dev>
Now that sleepable programs are always enabled on syscalls, let refcounted_kptr tests use syscalls rather than bpf_testmod_test_read, which is not sleepable with error injection disabled. The tests just check that the verifier can handle usage of RCU locks in sleepable programs and never actually attach. So, the attachment target doesn't matter (as long as it is sleepable) and with syscalls, the tests pass on kernels with disabled error injection. Signed-off-by: Viktor Malik <vmalik@redhat.com> Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Author
|
Upstream branch: 099bded |
kernel-patches-daemon-bpf
Bot
force-pushed
the
series/1062602=>bpf-next
branch
from
2f58532 to
b8b1d65
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: Always allow sleepable and fmod_ret programs on syscalls
version: 2
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1062602