Hi folks,
While running BPF self-tests with CONFIG_CFI (Control Flow
Integrity) enabled, I ran into a couple of failures in
bpf_obj_free_fields() caused by type mismatches between the
btf_dtor_kfunc_t function pointer type and the registered
destructor functions.
It looks like we can't change the argument type for these
functions to match btf_dtor_kfunc_t because the verifier doesn't
like void pointer arguments for functions used in BPF programs,
so this series fixes the issue by adding stubs with correct types
to use as destructors for each instance of this I found in the
kernel tree.
The last patch changes btf_check_dtor_kfuncs() to enforce the
function type when CFI is enabled, so we don't end up registering
destructors that panic the kernel.
Sami
---
v5:
- Rebased on bpf-next/master again.
v4: https://lore.kernel.org/bpf/20251126221724.897221-6-samitolvanen@google.com/
- Rebased on bpf-next/master.
- Renamed CONFIG_CFI_CLANG to CONFIG_CFI.
- Picked up Acked/Tested-by tags.
v3: https://lore.kernel.org/bpf/20250728202656.559071-6-samitolvanen@google.com/
- Renamed the functions and went back to __bpf_kfunc based
on review feedback.
v2: https://lore.kernel.org/bpf/20250725214401.1475224-6-samitolvanen@google.com/
- Annotated the stubs with CFI_NOSEAL to fix issues with IBT
sealing on x86.
- Changed __bpf_kfunc to explicit __used __retain.
v1: https://lore.kernel.org/bpf/20250724223225.1481960-6-samitolvanen@google.com/
---
Sami Tolvanen (4):
bpf: crypto: Use the correct destructor kfunc type
bpf: net_sched: Use the correct destructor kfunc type
selftests/bpf: Use the correct destructor kfunc type
bpf, btf: Enforce destructor kfunc type with CFI
kernel/bpf/btf.c | 7 +++++++
kernel/bpf/crypto.c | 8 +++++++-
net/sched/bpf_qdisc.c | 8 +++++++-
tools/testing/selftests/bpf/test_kmods/bpf_testmod.c | 8 +++++++-
4 files changed, 28 insertions(+), 3 deletions(-)
base-commit: 5714ca8cba5ed736f3733663c446cbee63a10a64
--
2.52.0.457.g6b5491de43-goog