Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2956192rwd; Fri, 16 Jun 2023 10:14:58 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7l44qHYCsHysiYVqsp4dwhgS6Sc1lr10AjqRGQwori2zE3cQiP2QYZc3tmJZ3rFmMUIKMU X-Received: by 2002:a17:903:18b:b0:1b0:4527:3716 with SMTP id z11-20020a170903018b00b001b045273716mr2636112plg.15.1686935698198; Fri, 16 Jun 2023 10:14:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686935698; cv=none; d=google.com; s=arc-20160816; b=mf2yfbYAjzaE51V35HicdHQ40xr5qSAFtoCVEF5A5uL36f4u+tQ6/fr+USKddWCw/F Iehzutp6WiZbfXhUe9qYuETFadj0AEBJuF9AY/zmt3YZBdPVJhLsqkGvlaL/qPgi6iA1 +c67gnNCC8Xs7mXdloilBqKDFoCPla3WVCZnkR/BkWTDwNij9nMq2waKImnW3xokCejz tFjHaD4WncNR1z2Ve1PSFRyqr9tGymvQTCJWTHnEjLeyMq1REk0yRI9C60jqSX3Ej33/ RfW3PswizvZ6YnOIF8kgIB0zPebnJlFM35VP2QnVVz54bY0ttaTE6FeivJT/4++ROfPx NTEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=2oAtZ5LXCHICXaEO7EYK6uvp3llXWtuPjR3rLD7TKJU=; b=KVpNeCWEJdPY0S4IQst9s57rF0IailcOixT5eW8UCzKZISDyHBngmaD0T7yPVIHt4x zuZjuqfc/EKGS9hf5/wfUzsMR6n1HrbIAjWGcGi7EesBIEDURjS7pWO0Bcb8olfNtbFk W5tlzhCBHx9MFOLkRHIz6kq9PcLYjgxj9oYldrF4z4AS5xl84BAj1OwSl2SaykyoSLXK 5uqNt7CNWas0CqtLk3HOK9ByrfBYewfiMjxKSS5fEJDT5a5FtmaUijqyJFY5xJG0CGzF gCJa5YTanVPZGBM71mDMa4IfyAHMDheYzABPFqrCLZhh9gBbebIQP3tdd417W3WVOteY m5Iw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=X6FK8VVx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j15-20020a170902da8f00b001b0f727bc35si10912800plx.157.2023.06.16.10.14.35; Fri, 16 Jun 2023 10:14:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=X6FK8VVx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230237AbjFPRAk (ORCPT + 99 others); Fri, 16 Jun 2023 13:00:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43384 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346057AbjFPQ7c (ORCPT ); Fri, 16 Jun 2023 12:59:32 -0400 Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B60DC422F; Fri, 16 Jun 2023 09:57:51 -0700 (PDT) Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-5186a157b85so1249287a12.0; Fri, 16 Jun 2023 09:57:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1686934670; x=1689526670; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=2oAtZ5LXCHICXaEO7EYK6uvp3llXWtuPjR3rLD7TKJU=; b=X6FK8VVxK2s2rEUXtQ32Cv6NtWP2XqSlUIH7xOzkfQgToM1SrRJeCyXKqsO3Fu1r/C CECb1sgPbuh8vEmvSmNOMtijAdUYkc6hAWV4YrDf0eCljhRFaSFWIO+vzDs2BP4T7d08 rZjtoCQknhmFp+QFgsq3K2IEefeL0Nd347SjjD7gA80RN/jZiOjmNSA9Pm8PjxLI/VTZ lLMfj7XtiRuARmKr6jB2NOmiyHMK13AQXKwRx7ydy0TKcKClknlex1cnevSTtJcDtdJp WFwyuROSnzUp2uwn7sl8iQp3j6q88l9X/gQ63VMZwfGc6cL8dvbBy8rosgC1RnFhQakl lCSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686934670; x=1689526670; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2oAtZ5LXCHICXaEO7EYK6uvp3llXWtuPjR3rLD7TKJU=; b=WzALQYlMVt4XFhhhVZEtwXT42CZSvD5hbnC2IKcgv+Y6uHV8+ndtDfSMwbbK5z6maF zloFPDkki9fVTROvXXtxbKPAJyo8Se4Yu8nLnRaPKsvq/JoGOouSObFGIQZoQTIpaXdR E5jhHYLNFbK2R4JnfxyaAvArqUQ24VXKn6sjB16WVj9lozp8UR5WhV3n6M8mYFdZLQPu Qy1NdsiPr4+qs4FHgSc18pJzhJemwk1NADH+kloootD0mxUiiCsqySAvznppX4Nj3sJh XbHzWSm7CJjEwZdLBZjoQjFm+4inNYw7nGNUFa094GIb8RtfQKynDz7isCI+EV/yQrDn +A0Q== X-Gm-Message-State: AC+VfDzi71EKo6rP0owvz3xnCByr50TxwJ6TDsv/Q8BROrr+Vr3rHtTq vPB/zP8ery3ogs+Fqh/vISrNixk3r0cHtQOZ5MY= X-Received: by 2002:a17:907:7b96:b0:984:5c67:e73f with SMTP id ne22-20020a1709077b9600b009845c67e73fmr2433871ejc.54.1686934670087; Fri, 16 Jun 2023 09:57:50 -0700 (PDT) MIME-Version: 1.0 References: <20230615145607.3469985-1-revest@chromium.org> In-Reply-To: <20230615145607.3469985-1-revest@chromium.org> From: Andrii Nakryiko Date: Fri, 16 Jun 2023 09:57:38 -0700 Message-ID: Subject: Re: [PATCH bpf] bpf/btf: Accept function names that contain dots To: Florent Revest Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, martin.lau@linux.dev, ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, song@kernel.org, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, nathan@kernel.org, ndesaulniers@google.com, trix@redhat.com, stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 15, 2023 at 7:56=E2=80=AFAM Florent Revest wrote: > > When building a kernel with LLVM=3D1, LLVM_IAS=3D0 and CONFIG_KASAN=3Dy, = LLVM > leaves DWARF tags for the "asan.module_ctor" & co symbols. In turn, > pahole creates BTF_KIND_FUNC entries for these and this makes the BTF > metadata validation fail because they contain a dot. > > In a dramatic turn of event, this BTF verification failure can cause > the netfilter_bpf initialization to fail, causing netfilter_core to > free the netfilter_helper hashmap and netfilter_ftp to trigger a > use-after-free. The risk of u-a-f in netfilter will be addressed > separately but the existence of "asan.module_ctor" debug info under some > build conditions sounds like a good enough reason to accept functions > that contain dots in BTF. I don't see much harm in allowing dots. There are also all those .isra and other modifications to functions that we currently don't have in BTF, but with the discussions about recording function addrs we might eventually have those as well. So: Acked-by: Andrii Nakryiko > > Cc: stable@vger.kernel.org > Fixes: 1dc92851849c ("bpf: kernel side support for BTF Var and DataSec") > Signed-off-by: Florent Revest > --- > kernel/bpf/btf.c | 20 ++++++++------------ > 1 file changed, 8 insertions(+), 12 deletions(-) > > diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c > index 6b682b8e4b50..72b32b7cd9cd 100644 > --- a/kernel/bpf/btf.c > +++ b/kernel/bpf/btf.c > @@ -744,13 +744,12 @@ static bool btf_name_offset_valid(const struct btf = *btf, u32 offset) > return offset < btf->hdr.str_len; > } > > -static bool __btf_name_char_ok(char c, bool first, bool dot_ok) > +static bool __btf_name_char_ok(char c, bool first) > { > if ((first ? !isalpha(c) : > !isalnum(c)) && > c !=3D '_' && > - ((c =3D=3D '.' && !dot_ok) || > - c !=3D '.')) > + c !=3D '.') > return false; > return true; > } > @@ -767,20 +766,20 @@ static const char *btf_str_by_offset(const struct b= tf *btf, u32 offset) > return NULL; > } > > -static bool __btf_name_valid(const struct btf *btf, u32 offset, bool dot= _ok) > +static bool __btf_name_valid(const struct btf *btf, u32 offset) > { > /* offset must be valid */ > const char *src =3D btf_str_by_offset(btf, offset); > const char *src_limit; > > - if (!__btf_name_char_ok(*src, true, dot_ok)) > + if (!__btf_name_char_ok(*src, true)) > return false; > > /* set a limit on identifier length */ > src_limit =3D src + KSYM_NAME_LEN; > src++; > while (*src && src < src_limit) { > - if (!__btf_name_char_ok(*src, false, dot_ok)) > + if (!__btf_name_char_ok(*src, false)) > return false; > src++; > } > @@ -788,17 +787,14 @@ static bool __btf_name_valid(const struct btf *btf,= u32 offset, bool dot_ok) > return !*src; > } > > -/* Only C-style identifier is permitted. This can be relaxed if > - * necessary. > - */ > static bool btf_name_valid_identifier(const struct btf *btf, u32 offset) > { > - return __btf_name_valid(btf, offset, false); > + return __btf_name_valid(btf, offset); > } > > static bool btf_name_valid_section(const struct btf *btf, u32 offset) > { > - return __btf_name_valid(btf, offset, true); > + return __btf_name_valid(btf, offset); > } > > static const char *__btf_name_by_offset(const struct btf *btf, u32 offse= t) > @@ -4422,7 +4418,7 @@ static s32 btf_var_check_meta(struct btf_verifier_e= nv *env, > } > > if (!t->name_off || > - !__btf_name_valid(env->btf, t->name_off, true)) { > + !__btf_name_valid(env->btf, t->name_off)) { > btf_verifier_log_type(env, t, "Invalid name"); > return -EINVAL; > } > -- > 2.41.0.162.gfafddb0af9-goog >