diff options
| author | Florent Revest <[email protected]> | 2023-06-15 16:56:07 +0200 |
|---|---|---|
| committer | Daniel Borkmann <[email protected]> | 2023-06-21 10:32:22 +0200 |
| commit | 9724160b3942b0a967b91a59f81da5593f28b8ba (patch) | |
| tree | 878fd6fa486469a58aec41c7c014182b249007b5 /kernel/bpf/syscall.c | |
| parent | b78b34c6043ec811ab03bf77a7808a2df522d549 (diff) | |
bpf/btf: Accept function names that contain dots
When building a kernel with LLVM=1, LLVM_IAS=0 and CONFIG_KASAN=y, LLVM
leaves DWARF tags for the "asan.module_ctor" & co symbols. In turn,
pahole creates BTF_KIND_FUNC entries for these and this makes the BTF
metadata validation fail because they contain a dot.
In a dramatic turn of event, this BTF verification failure can cause
the netfilter_bpf initialization to fail, causing netfilter_core to
free the netfilter_helper hashmap and netfilter_ftp to trigger a
use-after-free. The risk of u-a-f in netfilter will be addressed
separately but the existence of "asan.module_ctor" debug info under some
build conditions sounds like a good enough reason to accept functions
that contain dots in BTF.
Although using only LLVM=1 is the recommended way to compile clang-based
kernels, users can certainly do LLVM=1, LLVM_IAS=0 as well and we still
try to support that combination according to Nick. To clarify:
- > v5.10 kernel, LLVM=1 (LLVM_IAS=0 is not the default) is recommended,
but user can still have LLVM=1, LLVM_IAS=0 to trigger the issue
- <= 5.10 kernel, LLVM=1 (LLVM_IAS=0 is the default) is recommended in
which case GNU as will be used
Fixes: 1dc92851849c ("bpf: kernel side support for BTF Var and DataSec")
Signed-off-by: Florent Revest <[email protected]>
Signed-off-by: Daniel Borkmann <[email protected]>
Acked-by: Andrii Nakryiko <[email protected]>
Cc: Yonghong Song <[email protected]>
Cc: Nick Desaulniers <[email protected]>
Link: https://lore.kernel.org/bpf/[email protected]
Diffstat (limited to 'kernel/bpf/syscall.c')
0 files changed, 0 insertions, 0 deletions