Commit 582573f1 authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 

Daniel Borkmann says:

====================
pull-request: bpf 2022-06-17

We've added 12 non-merge commits during the last 4 day(s) which contain
a total of 14 files changed, 305 insertions(+), 107 deletions(-).

The main changes are:

1) Fix x86 JIT tailcall count offset on BPF-2-BPF call, from Jakub Sitnicki.

2) Fix a kprobe_multi link bug which misplaces BPF cookies, from Jiri Olsa.

3) Fix an infinite loop when processing a module's BTF, from Kumar Kartikeya Dwivedi.

4) Fix getting a rethook only in RCU available context, from Masami Hiramatsu.

5) Fix request socket refcount leak in sk lookup helpers, from Jon Maxwell.

6) Fix xsk xmit behavior which wrongly adds skb to already full cq, from Ciara Loftus.

* https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf:
  rethook: Reject getting a rethook if RCU is not watching
  fprobe, samples: Add use_trace option and show hit/missed counter
  bpf, docs: Update some of the JIT/maintenance entries
  selftest/bpf: Fix kprobe_multi bench test
  bpf: Force cookies array to follow symbols sorting
  ftrace: Keep address offset in ftrace_lookup_symbols
  selftests/bpf: Shuffle cookies symbols in kprobe multi test
  selftests/bpf: Test tail call counting with bpf2bpf and data on stack
  bpf, x86: Fix tail call count offset calculation on bpf2bpf call
  bpf: Limit maximum modifier chain length in btf_check_type_tags
  bpf: Fix request_sock leak in sk lookup helpers
  xsk: Fix generic transmit when completion queue reservation fails
====================

Link: https://lore.kernel.org/r/20220617202119.2421-1-daniel@iogearbox.net


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents b4a028c4 c0f3bb40

MAINTAINERS

+20 −21
Original line number Diff line number Diff line
@@ -3662,7 +3662,7 @@ BPF JIT for ARM 
M:	Shubham Bansal <illusionist.neo@gmail.com>

L:	netdev@vger.kernel.org

L:	bpf@vger.kernel.org

S:	Maintained

S:	Odd Fixes

F:	arch/arm/net/









BPF JIT for ARM64








@@ -3686,14 +3686,15 @@ BPF JIT for NFP NICs







M:	Jakub Kicinski <kuba@kernel.org>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Supported









S:	Odd Fixes









F:	drivers/net/ethernet/netronome/nfp/bpf/

















BPF JIT for POWERPC (32-BIT AND 64-BIT)









M:	Naveen N. Rao <naveen.n.rao@linux.ibm.com>









M:	Michael Ellerman <mpe@ellerman.id.au>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Maintained









S:	Supported









F:	arch/powerpc/net/

















BPF JIT for RISC-V (32-bit)








@@ -3719,7 +3720,7 @@ M:	Heiko Carstens <hca@linux.ibm.com>







M:	Vasily Gorbik <gor@linux.ibm.com>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Maintained









S:	Supported









F:	arch/s390/net/









X:	arch/s390/net/pnet.c
















@@ -3727,14 +3728,14 @@ BPF JIT for SPARC (32-BIT AND 64-BIT)







M:	David S. Miller <davem@davemloft.net>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Maintained









S:	Odd Fixes









F:	arch/sparc/net/

















BPF JIT for X86 32-BIT









M:	Wang YanQing <udknight@gmail.com>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Maintained









S:	Odd Fixes









F:	arch/x86/net/bpf_jit_comp32.c

















BPF JIT for X86 64-BIT








@@ -3757,6 +3758,19 @@ F:	include/linux/bpf_lsm.h







F:	kernel/bpf/bpf_lsm.c









F:	security/bpf/

















BPF L7 FRAMEWORK









M:	John Fastabend <john.fastabend@gmail.com>









M:	Jakub Sitnicki <jakub@cloudflare.com>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Maintained









F:	include/linux/skmsg.h









F:	net/core/skmsg.c









F:	net/core/sock_map.c









F:	net/ipv4/tcp_bpf.c









F:	net/ipv4/udp_bpf.c









F:	net/unix/unix_bpf.c

















BPFTOOL









M:	Quentin Monnet <quentin@isovalent.com>









L:	bpf@vger.kernel.org








@@ -11096,20 +11110,6 @@ S:	Maintained







F:	include/net/l3mdev.h









F:	net/l3mdev

















L7 BPF FRAMEWORK









M:	John Fastabend <john.fastabend@gmail.com>









M:	Daniel Borkmann <daniel@iogearbox.net>









M:	Jakub Sitnicki <jakub@cloudflare.com>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org









S:	Maintained









F:	include/linux/skmsg.h









F:	net/core/skmsg.c









F:	net/core/sock_map.c









F:	net/ipv4/tcp_bpf.c









F:	net/ipv4/udp_bpf.c









F:	net/unix/unix_bpf.c

















LANDLOCK SECURITY MODULE









M:	Mickaël Salaün <mic@digikod.net>









L:	linux-security-module@vger.kernel.org








@@ -13952,7 +13952,6 @@ F:	net/ipv6/tcp*.c







NETWORKING [TLS]









M:	Boris Pismenny <borisp@nvidia.com>









M:	John Fastabend <john.fastabend@gmail.com>









M:	Daniel Borkmann <daniel@iogearbox.net>









M:	Jakub Kicinski <kuba@kernel.org>









L:	netdev@vger.kernel.org









S:	Maintained
































arch/x86/net/bpf_jit_comp.c



+2
−1






























Original line number
Diff line number
Diff line







@@ -1420,8 +1420,9 @@ st:			if (is_imm8(insn->off))







		case BPF_JMP | BPF_CALL:









			func = (u8 *) __bpf_call_base + imm32;









			if (tail_call_reachable) {









				/* mov rax, qword ptr [rbp - rounded_stack_depth - 8] */









				EMIT3_off32(0x48, 0x8B, 0x85,









					    -(bpf_prog->aux->stack_depth + 8));









					    -round_up(bpf_prog->aux->stack_depth, 8) - 8);









				if (!imm32 || emit_call(&prog, func, image + addrs[i - 1] + 7))









					return -EINVAL;









			} else {
































kernel/bpf/btf.c



+5
−0






























Original line number
Diff line number
Diff line







@@ -4815,6 +4815,7 @@ static int btf_check_type_tags(struct btf_verifier_env *env,







	n = btf_nr_types(btf);









	for (i = start_id; i < n; i++) {









		const struct btf_type *t;









		int chain_limit = 32;









		u32 cur_id = i;



















		t = btf_type_by_id(btf, i);








@@ -4827,6 +4828,10 @@ static int btf_check_type_tags(struct btf_verifier_env *env,

















		in_tags = btf_type_is_type_tag(t);









		while (btf_type_is_modifier(t)) {









			if (!chain_limit--) {









				btf_verifier_log(env, "Max chain length or cycle detected");









				return -ELOOP;









			}









			if (btf_type_is_type_tag(t)) {









				if (!in_tags) {









					btf_verifier_log(env, "Type tags don't precede modifiers");
































kernel/trace/bpf_trace.c



+45
−15






























Original line number
Diff line number
Diff line







@@ -2423,7 +2423,7 @@ kprobe_multi_link_handler(struct fprobe *fp, unsigned long entry_ip,







	kprobe_multi_link_prog_run(link, entry_ip, regs);









}



















static int symbols_cmp(const void *a, const void *b)









static int symbols_cmp_r(const void *a, const void *b, const void *priv)









{









	const char **str_a = (const char **) a;









	const char **str_b = (const char **) b;








@@ -2431,6 +2431,28 @@ static int symbols_cmp(const void *a, const void *b)







	return strcmp(*str_a, *str_b);









}



















struct multi_symbols_sort {









	const char **funcs;









	u64 *cookies;









};



















static void symbols_swap_r(void *a, void *b, int size, const void *priv)









{









	const struct multi_symbols_sort *data = priv;









	const char **name_a = a, **name_b = b;



















	swap(*name_a, *name_b);



















	/* If defined, swap also related cookies. */









	if (data->cookies) {









		u64 *cookie_a, *cookie_b;



















		cookie_a = data->cookies + (name_a - data->funcs);









		cookie_b = data->cookies + (name_b - data->funcs);









		swap(*cookie_a, *cookie_b);









	}









}



















int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)









{









	struct bpf_kprobe_multi_link *link = NULL;








@@ -2468,38 +2490,46 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr







	if (!addrs)









		return -ENOMEM;



















	ucookies = u64_to_user_ptr(attr->link_create.kprobe_multi.cookies);









	if (ucookies) {









		cookies = kvmalloc_array(cnt, sizeof(*addrs), GFP_KERNEL);









		if (!cookies) {









			err = -ENOMEM;









			goto error;









		}









		if (copy_from_user(cookies, ucookies, size)) {









			err = -EFAULT;









			goto error;









		}









	}



















	if (uaddrs) {









		if (copy_from_user(addrs, uaddrs, size)) {









			err = -EFAULT;









			goto error;









		}









	} else {









		struct multi_symbols_sort data = {









			.cookies = cookies,









		};









		struct user_syms us;



















		err = copy_user_syms(&us, usyms, cnt);









		if (err)









			goto error;



















		sort(us.syms, cnt, sizeof(*us.syms), symbols_cmp, NULL);









		if (cookies)









			data.funcs = us.syms;



















		sort_r(us.syms, cnt, sizeof(*us.syms), symbols_cmp_r,









		       symbols_swap_r, &data);



















		err = ftrace_lookup_symbols(us.syms, cnt, addrs);









		free_user_syms(&us);









		if (err)









			goto error;









	}



















	ucookies = u64_to_user_ptr(attr->link_create.kprobe_multi.cookies);









	if (ucookies) {









		cookies = kvmalloc_array(cnt, sizeof(*addrs), GFP_KERNEL);









		if (!cookies) {









			err = -ENOMEM;









			goto error;









		}









		if (copy_from_user(cookies, ucookies, size)) {









			err = -EFAULT;









			goto error;









		}









	}



















	link = kzalloc(sizeof(*link), GFP_KERNEL);









	if (!link) {









		err = -ENOMEM;
































kernel/trace/ftrace.c



+11
−2






























Original line number
Diff line number
Diff line







@@ -8029,15 +8029,23 @@ static int kallsyms_callback(void *data, const char *name,







			     struct module *mod, unsigned long addr)









{









	struct kallsyms_data *args = data;









	const char **sym;









	int idx;



















	sym = bsearch(&name, args->syms, args->cnt, sizeof(*args->syms), symbols_cmp);









	if (!sym)









		return 0;



















	if (!bsearch(&name, args->syms, args->cnt, sizeof(*args->syms), symbols_cmp))









	idx = sym - args->syms;









	if (args->addrs[idx])









		return 0;



















	addr = ftrace_location(addr);









	if (!addr)









		return 0;



















	args->addrs[args->found++] = addr;









	args->addrs[idx] = addr;









	args->found++;









	return args->found == args->cnt ? 1 : 0;









}


















@@ -8062,6 +8070,7 @@ int ftrace_lookup_symbols(const char **sorted_syms, size_t cnt, unsigned long *a







	struct kallsyms_data args;









	int err;



















	memset(addrs, 0, sizeof(*addrs) * cnt);









	args.addrs = addrs;









	args.syms = sorted_syms;









	args.cnt = cnt;