[kbuild-all] Re: [RFC bpf-next 1/2] bpf: add signature to eBPF instructions

Hi Matteo, [FYI, it's a private test report for your RFC patch.] [auto build test ERROR on bpf-next/master] url: https://github.com/0day-ci/linux/commits/Matteo-Croce/bpf-sign-bpf-progra... base: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master config: i386-buildonly-randconfig-r002-20211012 (attached as .config) compiler: gcc-9 (Debian 9.3.0-22) 9.3.0 reproduce (this is a W=1 build): # https://github.com/0day-ci/linux/commit/45c21d28e868dac39e5267e2e2b6f4e35... git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Matteo-Croce/bpf-sign-bpf-programs/20211013-030207 git checkout 45c21d28e868dac39e5267e2e2b6f4e35f86b661 # save the attached .config to linux build tree make W=1 ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp(a)intel.com&gt; All errors (new ones prefixed by >>): kernel/bpf/syscall.c: In function 'bpf_prog_load': 2288 | if (copy_from_user(signature, (char *)attr->signature, attr->sig_len)) { | ^ cc1: all warnings being treated as errors vim +2288 kernel/bpf/syscall.c 2162 2163 static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr) 2164 { 2165 enum bpf_prog_type type = attr->prog_type; 2166 struct bpf_prog *prog, *dst_prog = NULL; 2167 struct btf *attach_btf = NULL; 2168 int err; 2169 char license[128]; 2170 bool is_gpl; 2171 2172 if (CHECK_ATTR(BPF_PROG_LOAD)) 2173 return -EINVAL; 2174 2175 if (attr->prog_flags & ~(BPF_F_STRICT_ALIGNMENT | 2176 BPF_F_ANY_ALIGNMENT | 2177 BPF_F_TEST_STATE_FREQ | 2178 BPF_F_SLEEPABLE | 2179 BPF_F_TEST_RND_HI32)) 2180 return -EINVAL; 2181 2182 if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && 2183 (attr->prog_flags & BPF_F_ANY_ALIGNMENT) && 2184 !bpf_capable()) 2185 return -EPERM; 2186 2187 /* copy eBPF program license from user space */ 2188 if (strncpy_from_bpfptr(license, 2189 make_bpfptr(attr->license, uattr.is_kernel), 2190 sizeof(license) - 1) < 0) 2191 return -EFAULT; 2192 license[sizeof(license) - 1] = 0; 2193 2194 /* eBPF programs must be GPL compatible to use GPL-ed functions */ 2195 is_gpl = license_is_gpl_compatible(license); 2196 2197 if (attr->insn_cnt == 0 || 2198 attr->insn_cnt > (bpf_capable() ? BPF_COMPLEXITY_LIMIT_INSNS : BPF_MAXINSNS)) 2199 return -E2BIG; 2200 if (type != BPF_PROG_TYPE_SOCKET_FILTER && 2201 type != BPF_PROG_TYPE_CGROUP_SKB && 2202 !bpf_capable()) 2203 return -EPERM; 2204 2205 if (is_net_admin_prog_type(type) && !capable(CAP_NET_ADMIN) && !capable(CAP_SYS_ADMIN)) 2206 return -EPERM; 2207 if (is_perfmon_prog_type(type) && !perfmon_capable()) 2208 return -EPERM; 2209 2210 /* attach_prog_fd/attach_btf_obj_fd can specify fd of either bpf_prog 2211 * or btf, we need to check which one it is 2212 */ 2213 if (attr->attach_prog_fd) { 2214 dst_prog = bpf_prog_get(attr->attach_prog_fd); 2215 if (IS_ERR(dst_prog)) { 2216 dst_prog = NULL; 2217 attach_btf = btf_get_by_fd(attr->attach_btf_obj_fd); 2218 if (IS_ERR(attach_btf)) 2219 return -EINVAL; 2220 if (!btf_is_kernel(attach_btf)) { 2221 /* attaching through specifying bpf_prog's BTF 2222 * objects directly might be supported eventually 2223 */ 2224 btf_put(attach_btf); 2225 return -ENOTSUPP; 2226 } 2227 } 2228 } else if (attr->attach_btf_id) { 2229 /* fall back to vmlinux BTF, if BTF type ID is specified */ 2230 attach_btf = bpf_get_btf_vmlinux(); 2231 if (IS_ERR(attach_btf)) 2232 return PTR_ERR(attach_btf); 2233 if (!attach_btf) 2234 return -EINVAL; 2235 btf_get(attach_btf); 2236 } 2237 2238 bpf_prog_load_fixup_attach_type(attr); 2239 if (bpf_prog_load_check_attach(type, attr->expected_attach_type, 2240 attach_btf, attr->attach_btf_id, 2241 dst_prog)) { 2242 if (dst_prog) 2243 bpf_prog_put(dst_prog); 2244 if (attach_btf) 2245 btf_put(attach_btf); 2246 return -EINVAL; 2247 } 2248 2249 /* plain bpf_prog allocation */ 2250 prog = bpf_prog_alloc(bpf_prog_size(attr->insn_cnt), GFP_USER); 2251 if (!prog) { 2252 if (dst_prog) 2253 bpf_prog_put(dst_prog); 2254 if (attach_btf) 2255 btf_put(attach_btf); 2256 return -ENOMEM; 2257 } 2258 2259 prog->expected_attach_type = attr->expected_attach_type; 2260 prog->aux->attach_btf = attach_btf; 2261 prog->aux->attach_btf_id = attr->attach_btf_id; 2262 prog->aux->dst_prog = dst_prog; 2263 prog->aux->offload_requested = !!attr->prog_ifindex; 2264 prog->aux->sleepable = attr->prog_flags & BPF_F_SLEEPABLE; 2265 2266 err = security_bpf_prog_alloc(prog->aux); 2267 if (err) 2268 goto free_prog; 2269 2270 prog->aux->user = get_current_user(); 2271 prog->len = attr->insn_cnt; 2272 2273 err = -EFAULT; 2274 if (copy_from_bpfptr(prog->insns, 2275 make_bpfptr(attr->insns, uattr.is_kernel), 2276 bpf_prog_insn_size(prog)) != 0) 2277 goto free_prog_sec; 2278 2279 if (attr->sig_len) { 2280 char *signature; 2281 2282 signature = kmalloc(attr->sig_len, GFP_USER); 2283 if (!signature) { 2284 err = -ENOMEM; 2285 goto free_prog_sec; 2286 } 2287 2289 err = -EFAULT; 2290 kfree(signature); 2291 goto free_prog_sec; 2292 } 2293 2294 err = verify_pkcs7_signature(prog->insns, 2295 prog->len * sizeof(struct bpf_insn), 2296 signature, attr->sig_len, 2297 VERIFY_USE_SECONDARY_KEYRING, 2298 VERIFYING_MODULE_SIGNATURE, 2299 NULL, NULL); 2300 kfree(signature); 2301 2302 if (err) { 2303 printk("verify_pkcs7_signature(): %pe\n", (void*)(uintptr_t)err); 2304 goto free_prog_sec; 2305 } 2306 } 2307 2308 prog->orig_prog = NULL; 2309 prog->jited = 0; 2310 2311 atomic64_set(&prog->aux->refcnt, 1); 2312 prog->gpl_compatible = is_gpl ? 1 : 0; 2313 2314 if (bpf_prog_is_dev_bound(prog->aux)) { 2315 err = bpf_prog_offload_init(prog, attr); 2316 if (err) 2317 goto free_prog_sec; 2318 } 2319 2320 /* find program type: socket_filter vs tracing_filter */ 2321 err = find_prog_type(type, prog); 2322 if (err < 0) 2323 goto free_prog_sec; 2324 2325 prog->aux->load_time = ktime_get_boottime_ns(); 2326 err = bpf_obj_name_cpy(prog->aux->name, attr->prog_name, 2327 sizeof(attr->prog_name)); 2328 if (err < 0) 2329 goto free_prog_sec; 2330 2331 /* run eBPF verifier */ 2332 err = bpf_check(&prog, attr, uattr); 2333 if (err < 0) 2334 goto free_used_maps; 2335 2336 prog = bpf_prog_select_runtime(prog, &err); 2337 if (err < 0) 2338 goto free_used_maps; 2339 2340 err = bpf_prog_alloc_id(prog); 2341 if (err) 2342 goto free_used_maps; 2343 2344 /* Upon success of bpf_prog_alloc_id(), the BPF prog is 2345 * effectively publicly exposed. However, retrieving via 2346 * bpf_prog_get_fd_by_id() will take another reference, 2347 * therefore it cannot be gone underneath us. 2348 * 2349 * Only for the time /after/ successful bpf_prog_new_fd() 2350 * and before returning to userspace, we might just hold 2351 * one reference and any parallel close on that fd could 2352 * rip everything out. Hence, below notifications must 2353 * happen before bpf_prog_new_fd(). 2354 * 2355 * Also, any failure handling from this point onwards must 2356 * be using bpf_prog_put() given the program is exposed. 2357 */ 2358 bpf_prog_kallsyms_add(prog); 2359 perf_event_bpf_event(prog, PERF_BPF_EVENT_PROG_LOAD, 0); 2360 bpf_audit_prog(prog, BPF_AUDIT_LOAD); 2361 2362 err = bpf_prog_new_fd(prog); 2363 if (err < 0) 2364 bpf_prog_put(prog); 2365 return err; 2366 2367 free_used_maps: 2368 /* In case we have subprogs, we need to wait for a grace 2369 * period before we can tear down JIT memory since symbols 2370 * are already exposed under kallsyms. 2371 */ 2372 __bpf_prog_put_noref(prog, prog->aux->func_cnt); 2373 return err; 2374 free_prog_sec: 2375 free_uid(prog->aux->user); 2376 security_bpf_prog_free(prog->aux); 2377 free_prog: 2378 if (prog->aux->attach_btf) 2379 btf_put(prog->aux->attach_btf); 2380 bpf_prog_free(prog); 2381 return err; 2382 } 2383 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org