Commit d0903268 authored by Kumar Kartikeya Dwivedi's avatar Kumar Kartikeya Dwivedi Committed by Alexei Starovoitov
Browse files

bpf: Ensure RCU lock is held around bpf_prog_ksym_find 



Add a warning to ensure RCU lock is held around tree lookup, and then
fix one of the invocations in bpf_stack_walker. The program has an
active stack frame and won't disappear. Use the opportunity to remove
unneeded invocation of is_bpf_text_address.

Fixes: f18b03fa ("bpf: Implement BPF exceptions")
Reviewed-by: default avatarEmil Tsalapatis <emil@etsalapatis.com>
Signed-off-by: default avatarKumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20250703204818.925464-5-memxor@gmail.com


Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent 0e521efa

kernel/bpf/core.c

+4 −1
Original line number Diff line number Diff line
@@ -782,7 +782,10 @@ bool is_bpf_text_address(unsigned long addr) 


struct bpf_prog *bpf_prog_ksym_find(unsigned long addr)

{

	struct bpf_ksym *ksym = bpf_ksym_find(addr);

	struct bpf_ksym *ksym;



	WARN_ON_ONCE(!rcu_read_lock_held());

	ksym = bpf_ksym_find(addr);



	return ksym && ksym->prog ?

	       container_of(ksym, struct bpf_prog_aux, ksym)->prog :

kernel/bpf/helpers.c

+9 −2
Original line number Diff line number Diff line
@@ -2981,9 +2981,16 @@ static bool bpf_stack_walker(void *cookie, u64 ip, u64 sp, u64 bp) 
	struct bpf_throw_ctx *ctx = cookie;

	struct bpf_prog *prog;



	if (!is_bpf_text_address(ip))

		return !ctx->cnt;

	/*

	 * The RCU read lock is held to safely traverse the latch tree, but we

	 * don't need its protection when accessing the prog, since it has an

	 * active stack frame on the current stack trace, and won't disappear.

	 */

	rcu_read_lock();

	prog = bpf_prog_ksym_find(ip);

	rcu_read_unlock();

	if (!prog)

		return !ctx->cnt;

	ctx->cnt++;

	if (bpf_is_subprog(prog))

		return true;