mirrors
/
anolis-cloud-kernel
mirror of https://gitee.com/anolis/cloud-kernel.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
anolis-cloud-kernel/kernel/bpf
History
Yinan Liu 160227a0f9 bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen 
ANBZ: #22860

commit 29ebbba7d4 upstream.

With the way the hooks implemented right now, we have a special
condition: optval larger than PAGE_SIZE will expose only first 4k into
BPF; any modifications to the optval are ignored. If the BPF program
doesn't handle this condition by resetting optlen to 0,
the userspace will get EFAULT.

The intention of the EFAULT was to make it apparent to the
developers that the program is doing something wrong.
However, this inadvertently might affect production workloads
with the BPF programs that are not too careful (i.e., returning EFAULT
for perfectly valid setsockopt/getsockopt calls).

Let's try to minimize the chance of BPF program screwing up userspace
by ignoring the output of those BPF programs (instead of returning
EFAULT to the userspace). pr_info_once those cases to
the dmesg to help with figuring out what's going wrong.

Fixes: 0d01da6afc ("bpf: implement getsockopt and setsockopt hooks")
Suggested-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Stanislav Fomichev <sdf@google.com>
Link: https://lore.kernel.org/r/20230511170456.1759459-2-sdf@google.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Yinan Liu <yinan@linux.alibaba.com>
Reviewed-by: Tianchen Ding <dtcccc@linux.alibaba.com>
Link: https://gitee.com/anolis/cloud-kernel/pulls/5523
 		2025-07-17 07:35:44 +00:00
..
preload bpf: Fix umd memory leak in copy_process() 2021-03-30 14:32:03 +02:00
Makefile anolis: bpf: support relay create with fop->write 2024-02-02 01:26:16 +00:00
arraymap.c bpf: Fix prog_array_map_poke_run map poke update 2025-04-11 03:26:23 +00:00
bloom_filter.c bpf: Add missing map_get_next_key method to bloom filter map. 2023-06-01 02:33:51 +00:00
bpf_inode_storage.c bpf: Change inode_storage's lookup_elem return value from NULL to -EBADF 2021-03-30 14:31:56 +02:00
bpf_iter.c bpf: Inline calls to bpf_loop when callback is known 2023-12-28 04:03:41 +00:00
bpf_local_storage.c bpf: Annotate data races in bpf_local_storage 2024-07-12 07:28:24 +00:00
bpf_lru_list.c bpf: Address KCSAN report on bpf_lru_list 2024-07-12 07:28:24 +00:00
bpf_lru_list.h bpf: Address KCSAN report on bpf_lru_list 2024-07-12 07:28:24 +00:00
bpf_lsm.c bpf: Fix BPF_LSM kconfig symbol dependency 2022-08-01 11:30:42 +00:00
bpf_relay.c anolis: fix unused variable warning in bpf-relay 2024-02-02 14:04:29 +08:00
bpf_struct_ops.c bpf: Remove is_valid_bpf_tramp_flags() 2023-08-24 09:17:41 +00:00
bpf_struct_ops_types.h anolis: bpf: add smc negotiator support in BPF struct_ops 2023-06-16 08:38:23 +00:00
bpf_task_storage.c bpf: Local storage helpers should check nullness of owner ptr passed 2022-08-01 11:30:41 +00:00
btf.c bpf: Remove hard-coded btf_vmlinux assumption from BPF verifier 2025-02-06 02:47:09 +00:00
cgroup.c bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen 2025-07-17 07:35:44 +00:00
core.c bpf: Fix a data-race around bpf_jit_limit. 2024-09-26 08:48:33 +00:00
cpumap.c bpf, cpumap: Make sure kthread is running before map update returns 2024-09-26 08:48:33 +00:00
devmap.c bpf: fix OOB devmap writes when deleting elements 2024-12-17 06:22:28 +00:00
disasm.c bpf: Fix a spelling typo in bpf_atomic_alu_string disasm 2024-08-05 06:28:25 +00:00
disasm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
dispatcher.c bpf: Remove bpf_image tree 2020-03-13 12:49:52 -07:00
hashtab.c bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps 2025-07-16 03:10:48 +00:00
helpers.c bpf: Defer work in bpf_timer_cancel_and_free 2025-01-21 16:59:48 +08:00
inode.c bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET 2021-04-14 08:42:00 +02:00
local_storage.c bpf: Add map side support for bpf timers. 2024-05-10 08:39:55 +00:00
lpm_trie.c bpf: Fix exact match conditions in trie_get_next_key() 2024-12-17 06:22:28 +00:00
map_in_map.c bpf: Fix elem_size not being set for inner maps 2024-09-26 08:48:33 +00:00
map_in_map.h bpf: Add map and need_defer parameters to .map_fd_put_ptr() 2024-07-16 07:24:13 +00:00
map_iter.c bpf: Introduce MEM_RDONLY flag 2022-08-02 16:35:31 +08:00
net_namespace.c bpf: Add support for forced LINK_DETACH command 2020-08-01 20:38:28 -07:00
offload.c bpf: restore the ebpf program ID for BPF_AUDIT_UNLOAD and PERF_BPF_EVENT_PROG_UNLOAD 2024-05-10 08:39:55 +00:00
percpu_freelist.c bpf: Initialize same number of free nodes for each pcpu_freelist 2024-07-04 17:19:02 +08:00
percpu_freelist.h bpf: Use raw_spin_trylock() for pcpu_freelist_push/pop in NMI 2020-10-06 00:04:11 +02:00
prog_iter.c bpf: Refactor bpf_iter_reg to have separate seq_info member 2020-07-25 20:16:32 -07:00
queue_stack_maps.c bpf: Avoid deadlock when using queue and stack maps from NMI 2024-07-16 07:24:13 +00:00
reuseport_array.c bpf, net: Rework cookie generator as per-cpu one 2020-09-30 11:50:35 -07:00
ringbuf.c bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic 2025-03-27 13:21:47 +00:00
stackmap.c bpf: Fix stackmap overflow check on 32-bit arches 2024-07-25 05:10:52 +00:00
syscall.c bpf: avoid holding freeze_mutex during mmap operation 2025-03-27 13:21:47 +00:00
sysfs_btf.c bpf: Fix sysfs export of empty BTF section 2020-09-21 21:50:24 +02:00
task_iter.c file: Replace fcheck_files with files_lookup_fd_rcu 2024-08-30 01:14:57 +00:00
tnum.c bpf: Verifier, do explicit ALU32 bounds tracking 2020-03-30 14:59:53 -07:00
trampoline.c bpf: Enforce W^X for bpf trampoline 2024-09-12 16:07:08 +08:00
verifier.c bpf: sync_linked_regs() must preserve subreg_def 2025-02-06 03:04:25 +00:00