From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Andrii Nakryiko, Alexei Starovoitov, Sasha Levin
Subject: [PATCH 5.4 106/453] libbpf: Fix BTF data layout checks and allow empty BTF
Date: Mon, 28 Dec 2020 13:45:42 +0100
Message-Id: <20201228124942.316302285@linuxfoundation.org>
In-Reply-To: <20201228124937.240114599@linuxfoundation.org>

From: Andrii Nakryiko

[ Upstream commit d8123624506cd62730c9cd9c7672c698e462703d ]

Make data section layout checks stricter, disallowing overlap of types and
strings data.

Additionally, allow BTFs with no type data. There is nothing inherently wrong
with having BTF with no types (but potentially with some strings). This could
be a situation with kernel module BTFs, if module doesn't introduce any new
type information.

Also fix invalid offset alignment check for btf->hdr->type_off.

Fixes: 8a138aed4a80 ("bpf: btf: Add BTF support to libbpf")
Signed-off-by: Andrii Nakryiko
Signed-off-by: Alexei Starovoitov
Link: https://lore.kernel.org/bpf/20201105043402.2530976-8-andrii@kernel.org
Signed-off-by: Sasha Levin
--- tools/lib/bpf/btf.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/tools/lib/bpf/btf.c b/tools/lib/bpf/btf.c index d606a358480da..3380aadb74655 100644 --- a/tools/lib/bpf/btf.c +++ b/tools/lib/bpf/btf.c
@@ -100,22 +100,18 @@ static int btf_parse_hdr(struct btf *btf) return -EINVAL; } - if (meta_left < hdr->type_off) { - pr_debug("Invalid BTF type section offset:%u\n", hdr->type_off); + if (meta_left < hdr->str_off + hdr->str_len) { + pr_debug("Invalid BTF total size:%u\n", btf->raw_size); return -EINVAL; } - if (meta_left < hdr->str_off) { - pr_debug("Invalid BTF string section offset:%u\n", hdr->str_off); + if (hdr->type_off + hdr->type_len > hdr->str_off) { + pr_debug("Invalid BTF data sections layout: type data at %u + %u, strings data at %u + %u\n", + hdr->type_off, hdr->type_len, hdr->str_off, hdr->str_len); return -EINVAL; } - if (hdr->type_off >= hdr->str_off) { - pr_debug("BTF type section offset >= string section offset. No type?\n"); - return -EINVAL; - } - - if (hdr->type_off & 0x02) { + if (hdr->type_off % 4) { pr_debug("BTF type section is not aligned to 4 bytes\n"); return -EINVAL; } -- 2.27.0
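Review bot: both new bounds checks add two header fields before comparing (hdr->str_off + hdr->str_len against meta_left, and hdr->type_off + hdr->type_len against hdr->str_off), and nothing here stops those sums from wrapping. The fields are printed with %u, so with header values taken from an untrusted BTF blob a large str_len or type_len can make the sum wrap to a small number, and a section that extends past the data or overlaps the strings would pass. The removed "meta_left < hdr->str_off" and "meta_left < hdr->type_off" tests at least bounded each offset on its own; that property is now only implied by the sums. Suggest doing the additions in a wider type (for example casting the first operand to long long), or checking the offset first and then comparing the length against the remaining space, as in "hdr->str_len > meta_left - hdr->str_off". Minor: the first pr_debug reports btf->raw_size but not the str_off and str_len values that failed, unlike the layout message in the next check, which makes a rejected file harder to diagnose.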