On Thu, Sep 5, 2024 at 12:56 AM Philo Lu <[email protected]> wrote: > > Pointers passed to tp_btf were trusted to be valid, but some tracepoints > do take NULL pointer as input, such as trace_tcp_send_reset(). Then the > invalid memory access cannot be detected by verifier. > > This patch fix it by add a suffix "__nullable" to the unreliable > argument. The suffix is shown in btf, and PTR_MAYBE_NULL will be added > to nullable arguments. Then users must check the pointer before use it. > > A problem here is that we use "btf_trace_##call" to search func_proto. > As it is a typedef, argument names as well as the suffix are not > recorded. To solve this, I use bpf_raw_event_map to find > "__bpf_trace##template" from "btf_trace_##call", and then we can see the > suffix.
BTW, just curious, is it a pure coincidence that I solved the same problem in retsnoop with the same approach (see extensive comment in [0]) about 2 weeks ago, or retsnoop's approach was an inspiration here? [0] https://github.com/anakryiko/retsnoop/commit/7b253fc55b51d447e5ea91d99f60d9c34934f799 > > Suggested-by: Alexei Starovoitov <[email protected]> > Signed-off-by: Philo Lu <[email protected]> > --- > kernel/bpf/btf.c | 13 +++++++++++++ > kernel/bpf/verifier.c | 36 +++++++++++++++++++++++++++++++++--- > 2 files changed, 46 insertions(+), 3 deletions(-) > [...]
