Re: [PATCH bpf] xdp: use trusted arguments in XDP hints kfuncs
From: Alexei Starovoitov
Date: Tue Jul 11 2023 - 23:06:56 EST
On Tue, Jul 11, 2023 at 10:00 AM Stanislav Fomichev <sdf@xxxxxxxxxx> wrote:
>
> On Tue, Jul 11, 2023 at 7:21 AM Jesper Dangaard Brouer
> <jbrouer@xxxxxxxxxx> wrote:
> >
> >
> > On 11/07/2023 12.59, Larysa Zaremba wrote:
> > > Currently, verifier does not reject XDP programs that pass NULL pointer to
> > > hints functions. At the same time, this case is not handled in any driver
> > > implementation (including veth). For example, changing
> > >
> > > bpf_xdp_metadata_rx_timestamp(ctx, ×tamp);
> > >
> > > to
> > >
> > > bpf_xdp_metadata_rx_timestamp(ctx, NULL);
> > >
> > > in xdp_metadata test successfully crashes the system.
> > >
> > > Add KF_TRUSTED_ARGS flag to hints kfunc definitions, so driver code
> > > does not have to worry about getting invalid pointers.
> > >
> >
> > Looks good to me, assuming this means verifier will reject BPF-prog's
> > supplying NULL.
> >
> > Acked-by: Jesper Dangaard Brouer <hawk@xxxxxxxxxx>
> >
> > > Fixes: 3d76a4d3d4e5 ("bpf: XDP metadata RX kfuncs")
> > > Reported-by: Stanislav Fomichev <sdf@xxxxxxxxxx>
> > > Closes: https://lore.kernel.org/bpf/ZKWo0BbpLfkZHbyE@xxxxxxxxxx/
> > > Signed-off-by: Larysa Zaremba <larysa.zaremba@xxxxxxxxx>
>
> Acked-by: Stanislav Fomichev <sdf@xxxxxxxxxx>
>
> Thank you for the fix!
Applied. Thanks