Re: [PATCH AUTOSEL 4.19 07/22] bpf: Add map and need_defer parameters to .map_fd_put_ptr()

[Hou Tao]

On 1/17/2024 4:04 AM, Sasha Levin wrote:
> From: Hou Tao <houtao1@xxxxxxxxxx>
>
> [ Upstream commit 20c20bd11a0702ce4dc9300c3da58acf551d9725 ]
>
> map is the pointer of outer map, and need_defer needs some explanation.
> need_defer tells the implementation to defer the reference release of
> the passed element and ensure that the element is still alive before
> the bpf program, which may manipulate it, exits.
>
> The following three cases will invoke map_fd_put_ptr() and different
> need_defer values will be passed to these callers:
>
> 1) release the reference of the old element in the map during map update
>    or map deletion. The release must be deferred, otherwise the bpf
>    program may incur use-after-free problem, so need_defer needs to be
>    true.
> 2) release the reference of the to-be-added element in the error path of
>    map update. The to-be-added element is not visible to any bpf
>    program, so it is OK to pass false for need_defer parameter.
> 3) release the references of all elements in the map during map release.
>    Any bpf program which has access to the map must have been exited and
>    released, so need_defer=false will be OK.
>
> These two parameters will be used by the following patches to fix the
> potential use-after-free problem for map-in-map.
>
> Signed-off-by: Hou Tao <houtao1@xxxxxxxxxx>
> Link: https://lore.kernel.org/r/20231204140425.1480317-3-houtao@xxxxxxxxxxxxxxx
> Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx>
> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

The patch is just a preparatory patch for fix, please drop it.