From nobody Fri Dec 19 04:18:34 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AFA47C7EE25 for ; Fri, 9 Jun 2023 00:11:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236892AbjFIALJ (ORCPT ); Thu, 8 Jun 2023 20:11:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237546AbjFIALG (ORCPT ); Thu, 8 Jun 2023 20:11:06 -0400 Received: from cheetah.elm.relay.mailchannels.net (cheetah.elm.relay.mailchannels.net [23.83.212.34]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C23B730DD for ; Thu, 8 Jun 2023 17:11:00 -0700 (PDT) X-Sender-Id: dreamhost|x-authsender|kjlx@templeofstupid.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 2F156880E01 for ; Fri, 9 Jun 2023 00:11:00 +0000 (UTC) Received: from pdx1-sub0-mail-a313.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id A80DE880D9B for ; Fri, 9 Jun 2023 00:10:59 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1686269459; a=rsa-sha256; cv=none; b=xVl12I7Jr+ac+8xr0JhvDyaf/LCISXzBj1xS/wW6v28Kr9NVysl5xoyEnkQBwIPjDewU1x 44nNMdg9x4y5fv37Yp+HHVb6xR4Q46vccYzXdw1VJ/Mz4ZujtW+6AuMv7yA7dNhs7G1jev exgfD5m2Qt0kfOsbXcpsX2bWdbMROulq6EYxhwy0GD/s0AyWai/+eb51zTGToDhgKT17Jn hLatE7sH4Epf+yUjMB5lc7W+RJ3siKPl27/R8YH7j6HdUa28yaKl2J0mUeAq97Sg1KpDhg m1sOu+BeYIbuuRo7UaKxAluVSBmgFXmf4wjXkqiE4kt91PXpmhZw9O0PfrGVeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1686269459; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=RLbI/q+jNwtC3CHXt0I4xW5xpj8BgznW9VU/aHNxfd0=; b=0DEGGbc6+xH72v5dLTCPijV4T9Kfav5eLiY15x5Yr9cscIAzcmsTbJ3lyNvvyMp7gRRBzH 5lu81STwVWD9/AS8du9nQbM2s3Kl/4O+CeIF4h2cIhI10lD6HXMAQ5xk5K017abaPcIflA cZIWXF6fK6CW4doC7Y7Df8YeVF74OIGldYPjVvVOd1DT+CTR9y7wR+DH/4dICLXGKK2x2x m6Wa2d1FVRtT9pMRSVFZ1UILLxsAx2OSLavVRiLZE6WHX7HrKr7+ZJZwiF+1uk+gXxRosx qH5VsAvHlkvYqPKGs7CW40lUTfX5SM5hNvzmTHCx4FqbWEY/gJYwYNZOJl+PVQ== ARC-Authentication-Results: i=1; rspamd-6f5cfd578c-rzxxj; auth=pass smtp.auth=dreamhost smtp.mailfrom=kjlx@templeofstupid.com X-Sender-Id: dreamhost|x-authsender|kjlx@templeofstupid.com X-MC-Relay: Good X-MailChannels-SenderId: dreamhost|x-authsender|kjlx@templeofstupid.com X-MailChannels-Auth-Id: dreamhost X-Language-Wide-Eyed: 28a2d83e185daa22_1686269459961_438677755 X-MC-Loop-Signature: 1686269459961:3199535034 X-MC-Ingress-Time: 1686269459961 Received: from pdx1-sub0-mail-a313.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.119.120.24 (trex/6.8.1); Fri, 09 Jun 2023 00:10:59 +0000 Received: from kmjvbox (c-73-93-64-36.hsd1.ca.comcast.net [73.93.64.36]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kjlx@templeofstupid.com) by pdx1-sub0-mail-a313.dreamhost.com (Postfix) with ESMTPSA id 4QchLq2ybDzWN for ; Thu, 8 Jun 2023 17:10:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=templeofstupid.com; s=dreamhost; t=1686269459; bh=RLbI/q+jNwtC3CHXt0I4xW5xpj8BgznW9VU/aHNxfd0=; h=Date:From:To:Cc:Subject:Content-Type; b=ZV0VvWueE8CSb7L2iDzEP4wufwbaN5u4R5zhLLdIi03X5t1BN8Pzu1tuw3tEoZ3f8 77ENKM53Zmq9z1rOh4wgY5Mc22JDFdBNEvO3Tj4bqkCB60f8RfYKgcPhayh1EsGh1V yyjlFVGp+pigziGilygQhjOMvqfaBlUMXHQbtyrs= Received: from johansen (uid 1000) (envelope-from kjlx@templeofstupid.com) id e0042 by kmjvbox (DragonFly Mail Agent v0.12); Thu, 08 Jun 2023 17:10:58 -0700 Date: Thu, 8 Jun 2023 17:10:58 -0700 From: Krister Johansen To: bpf@vger.kernel.org Cc: Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Mykola Lysenko , Shuah Khan , linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH bpf v3 1/2] bpf: ensure main program has an extable Message-ID: References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When subprograms are in use, the main program is not jit'd after the subprograms because jit_subprogs sets a value for prog->bpf_func upon success. Subsequent calls to the JIT are bypassed when this value is non-NULL. This leads to a situation where the main program and its func[0] counterpart are both in the bpf kallsyms tree, but only func[0] has an extable. Extables are only created during JIT. Now there are two nearly identical program ksym entries in the tree, but only one has an extable. Depending upon how the entries are placed, there's a chance that a fault will call search_extable on the aux with the NULL entry. Since jit_subprogs already copies state from func[0] to the main program, include the extable pointer in this state duplication. Additionally, ensure that the copy of the main program in func[0] is not added to the bpf_prog_kallsyms table. Instead, let the main program get added later in bpf_prog_load(). This ensures there is only a single copy of the main program in the kallsyms table, and that its tag matches the tag observed by tooling like bpftool. Cc: stable@vger.kernel.org Fixes: 1c2a088a6626 ("bpf: x64: add JIT support for multi-function programs= ") Signed-off-by: Krister Johansen Acked-by: Yonghong Song --- kernel/bpf/verifier.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 5871aa78d01a..b62d1fc0f92b 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -17214,9 +17214,10 @@ static int jit_subprogs(struct bpf_verifier_env *e= nv) } =20 /* finally lock prog and jit images for all functions and - * populate kallsysm + * populate kallsysm. Begin at the first subprogram, since + * bpf_prog_load will add the kallsyms for the main program. */ - for (i =3D 0; i < env->subprog_cnt; i++) { + for (i =3D 1; i < env->subprog_cnt; i++) { bpf_prog_lock_ro(func[i]); bpf_prog_kallsyms_add(func[i]); } @@ -17242,6 +17243,7 @@ static int jit_subprogs(struct bpf_verifier_env *en= v) prog->jited =3D 1; prog->bpf_func =3D func[0]->bpf_func; prog->jited_len =3D func[0]->jited_len; + prog->aux->extable =3D func[0]->aux->extable; prog->aux->func =3D func; prog->aux->func_cnt =3D env->subprog_cnt; bpf_prog_jit_attempt_done(prog); --=20 2.25.1 From nobody Fri Dec 19 04:18:34 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0EE8DC7EE29 for ; Fri, 9 Jun 2023 00:11:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237175AbjFIALi (ORCPT ); Thu, 8 Jun 2023 20:11:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39828 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229981AbjFIALf (ORCPT ); Thu, 8 Jun 2023 20:11:35 -0400 Received: from grey.apple.relay.mailchannels.net (grey.apple.relay.mailchannels.net [23.83.208.78]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DD7D91706 for ; Thu, 8 Jun 2023 17:11:34 -0700 (PDT) X-Sender-Id: dreamhost|x-authsender|kjlx@templeofstupid.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 1249B141412 for ; Fri, 9 Jun 2023 00:11:34 +0000 (UTC) Received: from pdx1-sub0-mail-a313.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id A1535141EAA for ; Fri, 9 Jun 2023 00:11:33 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1686269493; a=rsa-sha256; cv=none; b=zXRgaR82G2lkyJ2cW88PyKLu7UkP3x4W5Q1+TraOxDhMYkmCnAP9RKolodvBJ0IuVQSD92 Gm6qKLxswUZ0z+9yqfVuUUMf9P2uBKhN7HzpJ8wkqO1IgJtHn7WYIR4ZaPLeUzapVqM9F6 DvFNwiEbbzGWi+HakoCWNOzHpCYtLQWwyoLQTyfOPyjUCvBe5sFw2ffkAUK0GP4wBGOquo XglTcwnR3KYsdVzrsTo/Qi1P4+mbxfEG6HC58wZ+TURwQXNehNbD8j/G5X1P1FB0VJGX8O 2XRl3iO4gCOpc3NJmjtAl05bEe6KT/FTb/oYuVX/DaPK87FxonkW9g0G83Rkjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1686269493; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=F8KPdDJs/fafqK8befrWeYqM6/tlnupScz2H0Ba6c8I=; b=pNBIg1SVrp5ApxMJi3cXhWmLWWa1EQRWfsTW/B6A/bLcACJO91o2KoZD34ZQtGLOnVEyda ozetTw8AJbAySBEBgo2hizecLOplJebFXS5q5ywlF2BEVm99TmwiQC3vLnQFImAr7RAZkx gjwBgNAS0QNbeI8PTHNt4suaks45ag3MUl+uRTmG+tsnrXVUkKskb0FzDN0rX5T3f+PAba KwR1QTtTFPXJtXZZd7dNQ/bnglO+SwutT5nZBE79LaJTmWiZ8zulpzDUXg4iJxcGTPTBeA /PM5z1gs3/Sv25k6ldFXeNAxHUUxFceDxses6pdSC5JqhV3NQG8eq8UMaZ4tUg== ARC-Authentication-Results: i=1; rspamd-6f5cfd578c-f2pt8; auth=pass smtp.auth=dreamhost smtp.mailfrom=kjlx@templeofstupid.com X-Sender-Id: dreamhost|x-authsender|kjlx@templeofstupid.com X-MC-Relay: Good X-MailChannels-SenderId: dreamhost|x-authsender|kjlx@templeofstupid.com X-MailChannels-Auth-Id: dreamhost X-Wipe-Power: 6c3660031629f650_1686269493890_955765820 X-MC-Loop-Signature: 1686269493890:925410726 X-MC-Ingress-Time: 1686269493889 Received: from pdx1-sub0-mail-a313.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.127.59.22 (trex/6.8.1); Fri, 09 Jun 2023 00:11:33 +0000 Received: from kmjvbox (c-73-93-64-36.hsd1.ca.comcast.net [73.93.64.36]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kjlx@templeofstupid.com) by pdx1-sub0-mail-a313.dreamhost.com (Postfix) with ESMTPSA id 4QchMS6BFMz1pQ for ; Thu, 8 Jun 2023 17:11:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=templeofstupid.com; s=dreamhost; t=1686269492; bh=F8KPdDJs/fafqK8befrWeYqM6/tlnupScz2H0Ba6c8I=; h=Date:From:To:Cc:Subject:Content-Type; b=qVzIX9VesNFlL8xB712fCTbGsLi9rI2jI1DX5TdbS6CrxTdRRv9ANQSv2kARsBEph 4a9nkcq5WkqySs7iXyVDSKtZDMg9VNW63YrkPY/JoCjmhjUz0tPlfCHQXe872HSpzN G9Kez1ZTlvoiV4boKKxid0qGi6Naxgp2hfuSZ6AE= Received: from johansen (uid 1000) (envelope-from kjlx@templeofstupid.com) id e0042 by kmjvbox (DragonFly Mail Agent v0.12); Thu, 08 Jun 2023 17:11:31 -0700 Date: Thu, 8 Jun 2023 17:11:31 -0700 From: Krister Johansen To: bpf@vger.kernel.org Cc: Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Mykola Lysenko , Shuah Khan , linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH bpf v3 2/2] selftests/bpf: add a test for subprogram extables Message-ID: <9e3041e182a75f558f1132f915ddf2ee7e859c6e.1686268304.git.kjlx@templeofstupid.com> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In certain situations a program with subprograms may have a NULL extable entry. This should not happen, and when it does, it turns a single trap into multiple. Add a test case for further debugging and to prevent regressions. N.b: without any other patches this can panic or oops a kernel. Signed-off-by: Krister Johansen Acked-by: Ilya Leoshkevich Tested-by: Ilya Leoshkevich --- .../bpf/prog_tests/subprogs_extable.c | 31 +++++++++++++ .../bpf/progs/test_subprogs_extable.c | 46 +++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/subprogs_extable= .c create mode 100644 tools/testing/selftests/bpf/progs/test_subprogs_extable= .c diff --git a/tools/testing/selftests/bpf/prog_tests/subprogs_extable.c b/to= ols/testing/selftests/bpf/prog_tests/subprogs_extable.c new file mode 100644 index 000000000000..2201988274a4 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/subprogs_extable.c @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include "test_subprogs_extable.skel.h" + +void test_subprogs_extable(void) +{ + const int READ_SZ =3D 456; + struct test_subprogs_extable *skel; + int err; + + skel =3D test_subprogs_extable__open(); + if (!ASSERT_OK_PTR(skel, "skel_open")) + return; + + err =3D test_subprogs_extable__load(skel); + if (!ASSERT_OK(err, "skel_load")) + goto cleanup; + + err =3D test_subprogs_extable__attach(skel); + if (!ASSERT_OK(err, "skel_attach")) + goto cleanup; + + /* trigger tracepoint */ + ASSERT_OK(trigger_module_test_read(READ_SZ), "trigger_read"); + + test_subprogs_extable__detach(skel); + +cleanup: + test_subprogs_extable__destroy(skel); +} diff --git a/tools/testing/selftests/bpf/progs/test_subprogs_extable.c b/to= ols/testing/selftests/bpf/progs/test_subprogs_extable.c new file mode 100644 index 000000000000..c3ff66bf4cbe --- /dev/null +++ b/tools/testing/selftests/bpf/progs/test_subprogs_extable.c @@ -0,0 +1,46 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include "vmlinux.h" +#include +#include + +struct { + __uint(type, BPF_MAP_TYPE_ARRAY); + __uint(max_entries, 8); + __type(key, __u32); + __type(value, __u64); +} test_array SEC(".maps"); + +static __u64 test_cb(struct bpf_map *map, __u32 *key, __u64 *val, void *da= ta) +{ + return 1; +} + +SEC("fexit/bpf_testmod_return_ptr") +int BPF_PROG(handle_fexit_ret_subprogs, int arg, struct file *ret) +{ + *(volatile long *)ret; + *(volatile int *)&ret->f_mode; + bpf_for_each_map_elem(&test_array, test_cb, NULL, 0); + return 0; +} + +SEC("fexit/bpf_testmod_return_ptr") +int BPF_PROG(handle_fexit_ret_subprogs2, int arg, struct file *ret) +{ + *(volatile long *)ret; + *(volatile int *)&ret->f_mode; + bpf_for_each_map_elem(&test_array, test_cb, NULL, 0); + return 0; +} + +SEC("fexit/bpf_testmod_return_ptr") +int BPF_PROG(handle_fexit_ret_subprogs3, int arg, struct file *ret) +{ + *(volatile long *)ret; + *(volatile int *)&ret->f_mode; + bpf_for_each_map_elem(&test_array, test_cb, NULL, 0); + return 0; +} + +char _license[] SEC("license") =3D "GPL"; --=20 2.25.1