From: Sasha Levin
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Yonghong Song, Andrii Nakryiko, Jiri Olsa, Sasha Levin
Subject: [PATCH 6.8 195/715] bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
Date: Sun, 24 Mar 2024 18:26:14 -0400
Message-ID: <20240324223455.1342824-196-sashal@kernel.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240324223455.1342824-1-sashal@kernel.org>
References: <20240324223455.1342824-1-sashal@kernel.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
X-stable: review
X-Patchwork-Hint: Ignore
Content-Transfer-Encoding: 8bit

From: Yonghong Song

[ Upstream commit 178c54666f9c4d2f49f2ea661d0c11b52f0ed190 ]

Currently tracing is supposed not to allow for bpf_spin_{lock,unlock}()
helper calls. This is to prevent deadlock for the following cases:
  - there is a prog (prog-A) calling bpf_spin_{lock,unlock}().
  - there is a tracing program (prog-B), e.g., fentry, attached
    to bpf_spin_lock() and/or bpf_spin_unlock().
  - prog-B calls bpf_spin_{lock,unlock}().
For such a case, when prog-A calls bpf_spin_{lock,unlock}(),
a deadlock will happen.

The related source codes are below in kernel/bpf/helpers.c:
  notrace BPF_CALL_1(bpf_spin_lock, struct bpf_spin_lock *, lock)
  notrace BPF_CALL_1(bpf_spin_unlock, struct bpf_spin_lock *, lock)
notrace is supposed to prevent fentry prog from attaching to
bpf_spin_{lock,unlock}().

But actually this is not the case and fentry prog can successfully
attach to bpf_spin_lock(). Siddharth Chintamaneni reported
the issue in [1]. The following is the macro definition for
above BPF_CALL_1:
  #define BPF_CALL_x(x, name, ...) \
        static __always_inline \
        u64 ____##name(__BPF_MAP(x, __BPF_DECL_ARGS, __BPF_V, __VA_ARGS__)); \
        typedef u64 (*btf_##name)(__BPF_MAP(x, __BPF_DECL_ARGS, __BPF_V, __VA_ARGS__)); \
        u64 name(__BPF_REG(x, __BPF_DECL_REGS, __BPF_N, __VA_ARGS__)); \
        u64 name(__BPF_REG(x, __BPF_DECL_REGS, __BPF_N, __VA_ARGS__)) \
        { \
                return ((btf_##name)____##name)(__BPF_MAP(x,__BPF_CAST,__BPF_N,__VA_ARGS__)); \
        } \
        static __always_inline \
        u64 ____##name(__BPF_MAP(x, __BPF_DECL_ARGS, __BPF_V, __VA_ARGS__))

  #define BPF_CALL_1(name, ...) BPF_CALL_x(1, name, __VA_ARGS__)

The notrace attribute is actually applied to the static always_inline function
____bpf_spin_{lock,unlock}(). The actual callback function
bpf_spin_{lock,unlock}() is not marked with notrace, hence
allowing fentry prog to attach to two helpers, and this
may cause the above mentioned deadlock. Siddharth Chintamaneni
actually has a reproducer in [2].

To fix the issue, a new macro NOTRACE_BPF_CALL_1 is introduced which
will add notrace attribute to the original function instead of
the hidden always_inline function and this fixed the problem.

  [1] https://lore.kernel.org/bpf/CAE5sdEigPnoGrzN8WU7Tx-h-iFuMZgW06qp0KHWtpvoXxf1OAQ@mail.gmail.com/
  [2] https://lore.kernel.org/bpf/CAE5sdEg6yUc_Jz50AnUXEEUh6O73yQ1Z6NV2srJnef0ZrQkZew@mail.gmail.com/

Fixes: d83525ca62cf ("bpf: introduce bpf_spin_lock")
Signed-off-by: Yonghong Song
Signed-off-by: Andrii Nakryiko
Acked-by: Jiri Olsa
Link: https://lore.kernel.org/bpf/20240207070102.335167-1-yonghong.song@linux.dev
Signed-off-by: Sasha Levin
---
 include/linux/filter.h | 21 ++++++++++++---------
 kernel/bpf/helpers.c   |  4 ++--
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/include/linux/filter.h b/include/linux/filter.h index 68fb6c8142fec..f537a394c42d0 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h 
@@ -547,24 +547,27 @@ static inline bool insn_is_zext(const struct bpf_insn *insn) __BPF_MAP(n, __BPF_DECL_ARGS, __BPF_N, u64, __ur_1, u64, __ur_2, \ u64, __ur_3, u64, __ur_4, u64, __ur_5) -#define BPF_CALL_x(x, name, ...) \ +#define BPF_CALL_x(x, attr, name, ...) \ static __always_inline \ u64 ____##name(__BPF_MAP(x, __BPF_DECL_ARGS, __BPF_V, __VA_ARGS__)); \ typedef u64 (*btf_##name)(__BPF_MAP(x, __BPF_DECL_ARGS, __BPF_V, __VA_ARGS__)); \ - u64 name(__BPF_REG(x, __BPF_DECL_REGS, __BPF_N, __VA_ARGS__)); \ - u64 name(__BPF_REG(x, __BPF_DECL_REGS, __BPF_N, __VA_ARGS__)) \ + attr u64 name(__BPF_REG(x, __BPF_DECL_REGS, __BPF_N, __VA_ARGS__)); \ + attr u64 name(__BPF_REG(x, __BPF_DECL_REGS, __BPF_N, __VA_ARGS__)) \ { \ return ((btf_##name)____##name)(__BPF_MAP(x,__BPF_CAST,__BPF_N,__VA_ARGS__));\ } \ static __always_inline \ u64 ____##name(__BPF_MAP(x, __BPF_DECL_ARGS, __BPF_V, __VA_ARGS__)) -#define BPF_CALL_0(name, ...) BPF_CALL_x(0, name, __VA_ARGS__) -#define BPF_CALL_1(name, ...) BPF_CALL_x(1, name, __VA_ARGS__) -#define BPF_CALL_2(name, ...) BPF_CALL_x(2, name, __VA_ARGS__) -#define BPF_CALL_3(name, ...) BPF_CALL_x(3, name, __VA_ARGS__) -#define BPF_CALL_4(name, ...) BPF_CALL_x(4, name, __VA_ARGS__) -#define BPF_CALL_5(name, ...) BPF_CALL_x(5, name, __VA_ARGS__) +#define __NOATTR +#define BPF_CALL_0(name, ...) BPF_CALL_x(0, __NOATTR, name, __VA_ARGS__) +#define BPF_CALL_1(name, ...) BPF_CALL_x(1, __NOATTR, name, __VA_ARGS__) +#define BPF_CALL_2(name, ...) BPF_CALL_x(2, __NOATTR, name, __VA_ARGS__) +#define BPF_CALL_3(name, ...) BPF_CALL_x(3, __NOATTR, name, __VA_ARGS__) +#define BPF_CALL_4(name, ...) BPF_CALL_x(4, __NOATTR, name, __VA_ARGS__) +#define BPF_CALL_5(name, ...) BPF_CALL_x(5, __NOATTR, name, __VA_ARGS__) + +#define NOTRACE_BPF_CALL_1(name, ...) BPF_CALL_x(1, notrace, name, __VA_ARGS__) #define bpf_ctx_range(TYPE, MEMBER) \ offsetof(TYPE, MEMBER) ... offsetofend(TYPE, MEMBER) - 1 
diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index d19cd863d294e..b10092754dde3 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -334,7 +334,7 @@ static inline void __bpf_spin_lock_irqsave(struct bpf_spin_lock *lock) __this_cpu_write(irqsave_flags, flags); } -notrace BPF_CALL_1(bpf_spin_lock, struct bpf_spin_lock *, lock) +NOTRACE_BPF_CALL_1(bpf_spin_lock, struct bpf_spin_lock *, lock) { __bpf_spin_lock_irqsave(lock); return 0; @@ -357,7 +357,7 @@ static inline void __bpf_spin_unlock_irqrestore(struct bpf_spin_lock *lock) local_irq_restore(flags); } -notrace BPF_CALL_1(bpf_spin_unlock, struct bpf_spin_lock *, lock) +NOTRACE_BPF_CALL_1(bpf_spin_unlock, struct bpf_spin_lock *, lock) { __bpf_spin_unlock_irqrestore(lock); return 0; -- 2.43.0
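
Review bot: In the include/linux/filter.h hunk, BPF_CALL_x() gains an attr parameter but nothing documents or prevents the old spelling: a prefix such as "notrace BPF_CALL_1(...)" still compiles and still binds to the first declaration the macro emits, the static __always_inline ____##name(), not to name(). A comment above BPF_CALL_x() stating that function attributes must be passed through attr, and that __NOATTR is the intentionally empty default, would record the trap for the next helper author. Only NOTRACE_BPF_CALL_1 is added, so a helper of any other arity that needs notrace will need its own wrapper; that is worth saying in the same comment.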
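
Review bot: The two kernel/bpf/helpers.c hunks switch bpf_spin_lock and bpf_spin_unlock to NOTRACE_BPF_CALL_1, but the diffstat lists no test, so nothing fails if a later macro refactor moves the attribute back onto the inline function. A selftest that tries to attach an fentry program to each helper and expects the attach to be refused would pin the behaviour; the reproducer cited as [2] in the commit message looks like a starting point. Since the removed lines show the prefix form compiled without complaint, it is also worth grepping the tree for any other "notrace BPF_CALL_" use.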
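
The attribute-placement problem described in the commit message, as an added example that is not part of the patch or of the kernel sources: the macro expansion is stringified and checked to see which declaration the notrace token ends up in front of. Assumptions: DEMO_CALL_x, DEMO_CALL_1, NOTRACE_DEMO_CALL_1, NOATTR and lock_demo are hypothetical one-argument stand-ins that drop the __BPF_MAP/__BPF_REG machinery, and the expansion is only quoted, never compiled as kernel code.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Two-level stringify: expand the argument first, then quote it. */
#define XSTR(...) #__VA_ARGS__
#define STR(...) XSTR(__VA_ARGS__)
/* One-argument stand-in for the patched BPF_CALL_x and its two wrappers. */
#define DEMO_CALL_x(attr, name, t, a) \
	static inline u64 ____##name(t a); \
	attr u64 name(u64 a); \
	attr u64 name(u64 a) { return ____##name((t)a); } \
	static inline u64 ____##name(t a)
#define NOATTR
#define DEMO_CALL_1(name, t, a) DEMO_CALL_x(NOATTR, name, t, a)
#define NOTRACE_DEMO_CALL_1(name, t, a) DEMO_CALL_x(notrace, name, t, a)
/* notrace is deliberately left undefined so it survives as a visible token. */
static const char before_fix[] = STR(notrace DEMO_CALL_1(lock_demo, long, lock));
static const char after_fix[] = STR(NOTRACE_DEMO_CALL_1(lock_demo, long, lock));

static int is_ident(char c) { return isalnum((unsigned char)c) || c == '_'; }

/* Start of tok if it is the token ending just before p (spaces skipped), else NULL. */
static const char *tok_before(const char *s, const char *p, const char *tok)
{
	size_t n = strlen(tok);
	while (p > s && p[-1] == ' ') p--;
	if ((size_t)(p - s) < n || strncmp(p - n, tok, n)) return NULL;
	return (p - n > s && is_ident((p - n)[-1])) ? NULL : p - n;
}

/* 1 if every "u64 <name>(" declarator in exp is prefixed by the notrace token. */
static int entry_is_notrace(const char *exp, const char *name)
{
	size_t n = strlen(name);
	int decls = 0;
	for (const char *p = strstr(exp, name); p; p = strstr(p + n, name)) {
		const char *q = p + n, *t;
		while (*q == ' ') q++;
		if ((p > exp && is_ident(p[-1])) || *q != '(')
			continue; /* part of ____name, or not a declarator */
		if (!(t = tok_before(exp, p, "u64")) || !tok_before(exp, t, "notrace"))
			return 0;
		decls++;
	}
	return decls > 0;
}
int main(void)
{
	printf("%s\n=> %d\n\n%s\n=> %d\n", before_fix, entry_is_notrace(before_fix, "lock_demo"),
	       after_fix, entry_is_notrace(after_fix, "lock_demo"));
	return 0;
}
```

The prefix form is accepted by the preprocessor in both the old and the patched macro, which is why the misplacement went unnoticed at build time.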