review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Yonghong Song <yhs@fb.com>
	Sat, 3 Dec 2022 18:46:02 +0000 (10:46 -0800)
committer	Alexei Starovoitov <ast@kernel.org>
	Sun, 4 Dec 2022 20:52:40 +0000 (12:52 -0800)
commit	fca1aa75518c03b04c3c249e9a9134faf9ca18c5
tree	5981ba7fb846f4f58f1210a03cee3058bb86354c	tree \| snapshot
parent	706819495921ddad6b3780140b9d9e9293b6dedc	commit \| diff

bpf: Handle MEM_RCU type properly

Commit 9bb00b2895cb ("bpf: Add kfunc bpf_rcu_read_lock/unlock()")
introduced MEM_RCU and bpf_rcu_read_lock/unlock() support. In that
commit, a rcu pointer is tagged with both MEM_RCU and PTR_TRUSTED
so that it can be passed into kfuncs or helpers as an argument.

Martin raised a good question in [1] such that the rcu pointer,
although being able to accessing the object, might have reference
count of 0. This might cause a problem if the rcu pointer is passed
to a kfunc which expects trusted arguments where ref count should
be greater than 0.

This patch makes the following changes related to MEM_RCU pointer:
  - MEM_RCU pointer might be NULL (PTR_MAYBE_NULL).
  - Introduce KF_RCU so MEM_RCU ptr can be acquired with
    a KF_RCU tagged kfunc which assumes ref count of rcu ptr
    could be zero.
  - For mem access 'b = ptr->a', say 'ptr' is a MEM_RCU ptr, and
    'a' is tagged with __rcu as well. Let us mark 'b' as
    MEM_RCU | PTR_MAYBE_NULL.

[1] https://lore.kernel.org/bpf/ac70f574-4023-664e-b711-e0d3b18117fd@linux.dev/

Fixes: 9bb00b2895cb ("bpf: Add kfunc bpf_rcu_read_lock/unlock()")
Signed-off-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/r/20221203184602.477272-1-yhs@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

include/linux/bpf_verifier.h		diff \| blob \| history
include/linux/btf.h		diff \| blob \| history
kernel/bpf/helpers.c		diff \| blob \| history
kernel/bpf/verifier.c		diff \| blob \| history