These patches fix an issue where sleepable kprobe_multi programs were allowed to attach, leading to "sleeping function called from invalid context" splats.
Because kprobe.multi programs run in atomic/RCU context, they cannot sleep. However, `bpf_kprobe_multi_link_attach()` previously lacked validation for the `prog->sleepable` flag. This allowed sleepable helpers, such as `bpf_copy_from_user()`, to be invoked from an invalid non-sleepable context.

This series addresses the issue by:
1. Rejecting sleepable kprobe_multi programs early in `bpf_kprobe_multi_link_attach()` by returning -EINVAL.
2. Adding selftests to explicitly verify that attaching a sleepable kprobe_multi program is rejected by the kernel.

P.S: The first of these two commits has been applied to the bpf tree.

Changes:
v1->v2:
- v1: https://lore.kernel.org/bpf/[email protected]/
- Defective selftest added

v2->v3:
- v2: https://lore.kernel.org/bpf/cap01t74ygnkop-dgwbtoocfg4_d44t1wubopfypmquircma...@mail.gmail.com/
- Selftest separated from change into different commit.

v3->v4:
- v3: https://lore.kernel.org/bpf/[email protected]/
- Selftest moved to test_attach_api_fails.
- Changed attachment symbol to bpf_fentry_test1 for stability.
- Changes suggested by Leon implemented.

Varun R Mallya (2):
  bpf: Reject sleepable kprobe_multi programs at attach time
  selftests/bpf: Add test to ensure kprobe_multi is not sleepable

 kernel/trace/bpf_trace.c                      |  4 +
 .../bpf/prog_tests/kprobe_multi_test.c        | 78 ++++++++++++++++++-
 .../bpf/progs/kprobe_multi_sleepable.c        | 25 ++++++
 3 files changed, 106 insertions(+), 1 deletion(-)
 create mode 100644 tools/testing/selftests/bpf/progs/kprobe_multi_sleepable.c

--
2.53.0
