From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Andrii Nakryiko, Alexei Starovoitov, Sasha Levin
Subject: [PATCH 5.10 055/717] libbpf: Fix BTF data layout checks and allow empty BTF
Date: Mon, 28 Dec 2020 13:40:53 +0100
Message-Id: <20201228125023.630228905@linuxfoundation.org>
X-Mailer: git-send-email 2.29.2
In-Reply-To: <20201228125020.963311703@linuxfoundation.org>
References: <20201228125020.963311703@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

From: Andrii Nakryiko

[ Upstream commit d8123624506cd62730c9cd9c7672c698e462703d ]

Make data section layout checks stricter, disallowing overlap of types and strings data.

Additionally, allow BTFs with no type data. There is nothing inherently wrong with having BTF with no types (but potentially with some strings). This could be a situation with kernel module BTFs, if module doesn't introduce any new type information.

Also fix invalid offset alignment check for btf->hdr->type_off.

Fixes: 8a138aed4a80 ("bpf: btf: Add BTF support to libbpf")
Signed-off-by: Andrii Nakryiko
Signed-off-by: Alexei Starovoitov
Link: https://lore.kernel.org/bpf/20201105043402.2530976-8-andrii@kernel.org
Signed-off-by: Sasha Levin
---
 tools/lib/bpf/btf.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/tools/lib/bpf/btf.c b/tools/lib/bpf/btf.c index 231b07203e3d2..987c1515b828b 100644 --- a/tools/lib/bpf/btf.c +++ b/tools/lib/bpf/btf.c 
@@ -215,22 +215,18 @@ static int btf_parse_hdr(struct btf *btf) return -EINVAL; } - if (meta_left < hdr->type_off) { - pr_debug("Invalid BTF type section offset:%u\n", hdr->type_off); + if (meta_left < hdr->str_off + hdr->str_len) { + pr_debug("Invalid BTF total size:%u\n", btf->raw_size); return -EINVAL; } - if (meta_left < hdr->str_off) { - pr_debug("Invalid BTF string section offset:%u\n", hdr->str_off); + if (hdr->type_off + hdr->type_len > hdr->str_off) { + pr_debug("Invalid BTF data sections layout: type data at %u + %u, strings data at %u + %u\n", + hdr->type_off, hdr->type_len, hdr->str_off, hdr->str_len); return -EINVAL; } - if (hdr->type_off >= hdr->str_off) { - pr_debug("BTF type section offset >= string section offset. No type?\n"); - return -EINVAL; - } - - if (hdr->type_off & 0x02) { + if (hdr->type_off % 4) { pr_debug("BTF type section is not aligned to 4 bytes\n"); return -EINVAL; } -- 2.27.0
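
Review bot: The two new bounds checks in btf_parse_hdr() add header fields before comparing them (hdr->str_off + hdr->str_len against meta_left, and hdr->type_off + hdr->type_len against hdr->str_off), and the %u format specifiers indicate these are unsigned 32-bit values, so a header carrying a large offset or length can wrap the sum and pass both checks. These fields come straight from the BTF blob being parsed, so the additions should be done in a 64-bit type, or the comparison rewritten as a subtraction (first confirm str_off <= meta_left, then check str_len > meta_left - str_off, and likewise for the type section against str_off), so the layout checks still hold for malformed or untrusted input. The first pr_debug() would also be easier to act on if it printed str_off and str_len next to btf->raw_size, as the second message already does for its operands.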