[v3] Use correct destructor kfunc types

[PATCH bpf-next v3 4/4] bpf, btf: Enforce destructor kfunc type with CFI

Posted by Sami Tolvanen 2 months, 1 week ago

Ensure that registered destructor kfuncs have the same type
as btf_dtor_kfunc_t to avoid a kernel panic on systems with
CONFIG_CFI_CLANG enabled.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
---
 kernel/bpf/btf.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 0aff814cb53a..2b0ebd46db4a 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -8856,6 +8856,13 @@ static int btf_check_dtor_kfuncs(struct btf *btf, const struct btf_id_dtor_kfunc
 		 */
 		if (!t || !btf_type_is_ptr(t))
 			return -EINVAL;
+
+		if (IS_ENABLED(CONFIG_CFI_CLANG)) {
+			/* Ensure the destructor kfunc type matches btf_dtor_kfunc_t */
+			t = btf_type_by_id(btf, t->type);
+			if (!btf_type_is_void(t))
+				return -EINVAL;
+		}
 	}
 	return 0;
 }
-- 
2.50.1.552.g942d659e1b-goog

[PATCH bpf-next v3 1/4] bpf: crypto: Use the correct destructor kfunc type
[PATCH bpf-next v3 2/4] bpf: net_sched: Use the correct destructor kfunc type
[PATCH bpf-next v3 3/4] selftests/bpf: Use the correct destructor kfunc type
[PATCH bpf-next v3 4/4] bpf, btf: Enforce destructor kfunc type with CFI