On Mon, Oct 26, 2015 at 07:13:08AM +0000, Wang Nan wrote: > Many reasons can make bpf_prog_load() return EINVAL. This patch utilizes > logbuf to deliver the actual reason of the failure. > > Without this patch, it is very easy for user to pass an object with > "version" section not match the kernel version code, and the problem > is hard to determine from return code (EINVAL). > > Signed-off-by: Wang Nan <wangn...@huawei.com> > Cc: Alexei Starovoitov <a...@kernel.org> > Cc: Arnaldo Carvalho de Melo <a...@redhat.com> > Cc: David S. Miller <da...@davemloft.net> > Cc: Wu Fengguang <fengguang...@intel.com>
NACK for both implementation and design. > + /* Don't need care the copying result too much */ > + WARN(copy_to_user(log_ubuf, log_buf, log_size), > + KERN_WARNING "Failed to copy BPF error note '%s' to log buffer\n", > + log_buf); unprivilged user will be spamming kernel logs?! > - if (attr->insn_cnt >= BPF_MAXINSNS) > + if (attr->insn_cnt >= BPF_MAXINSNS) { > + bpf_prog_load_note(attr, "Too many instructions: %d > %d\n", > + attr->insn_cnt, BPF_MAXINSNS); > return -EINVAL; if user space did that, it's wrong and can detect it on its own. > if (type == BPF_PROG_TYPE_KPROBE && > - attr->kern_version != LINUX_VERSION_CODE) > + attr->kern_version != LINUX_VERSION_CODE) { > + bpf_prog_load_note(attr, > + "Kernel version mismatch: 0x%x != 0x%x\n", > + attr->kern_version, LINUX_VERSION_CODE); > return -EINVAL; user space (perf) could have checked that on its own without kernel changes. > /* find program type: socket_filter vs tracing_filter */ > err = find_prog_type(type, prog); > - if (err < 0) > + if (err < 0) { > + bpf_prog_load_note(attr, "Invalid program type: %d\n", type); > goto free_prog; same here. In general syscalls muxing different error conditions into EINVAL is a kernel wide problem and should be solved for all. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/