diff options
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/bpf/cpumap.c | 13 | ||||
| -rw-r--r-- | kernel/bpf/inode.c | 32 | ||||
| -rw-r--r-- | kernel/bpf/verifier.c | 5 | ||||
| -rw-r--r-- | kernel/signal.c | 13 |
4 files changed, 35 insertions, 28 deletions
diff --git a/kernel/bpf/cpumap.c b/kernel/bpf/cpumap.c index 8974b3755670..3c18260403dd 100644 --- a/kernel/bpf/cpumap.c +++ b/kernel/bpf/cpumap.c | |||
| @@ -162,10 +162,14 @@ static void cpu_map_kthread_stop(struct work_struct *work) | |||
| 162 | static struct sk_buff *cpu_map_build_skb(struct bpf_cpu_map_entry *rcpu, | 162 | static struct sk_buff *cpu_map_build_skb(struct bpf_cpu_map_entry *rcpu, |
| 163 | struct xdp_frame *xdpf) | 163 | struct xdp_frame *xdpf) |
| 164 | { | 164 | { |
| 165 | unsigned int hard_start_headroom; | ||
| 165 | unsigned int frame_size; | 166 | unsigned int frame_size; |
| 166 | void *pkt_data_start; | 167 | void *pkt_data_start; |
| 167 | struct sk_buff *skb; | 168 | struct sk_buff *skb; |
| 168 | 169 | ||
| 170 | /* Part of headroom was reserved to xdpf */ | ||
| 171 | hard_start_headroom = sizeof(struct xdp_frame) + xdpf->headroom; | ||
| 172 | |||
| 169 | /* build_skb need to place skb_shared_info after SKB end, and | 173 | /* build_skb need to place skb_shared_info after SKB end, and |
| 170 | * also want to know the memory "truesize". Thus, need to | 174 | * also want to know the memory "truesize". Thus, need to |
| 171 | * know the memory frame size backing xdp_buff. | 175 | * know the memory frame size backing xdp_buff. |
| @@ -183,15 +187,15 @@ static struct sk_buff *cpu_map_build_skb(struct bpf_cpu_map_entry *rcpu, | |||
| 183 | * is not at a fixed memory location, with mixed length | 187 | * is not at a fixed memory location, with mixed length |
| 184 | * packets, which is bad for cache-line hotness. | 188 | * packets, which is bad for cache-line hotness. |
| 185 | */ | 189 | */ |
| 186 | frame_size = SKB_DATA_ALIGN(xdpf->len + xdpf->headroom) + | 190 | frame_size = SKB_DATA_ALIGN(xdpf->len + hard_start_headroom) + |
| 187 | SKB_DATA_ALIGN(sizeof(struct skb_shared_info)); | 191 | SKB_DATA_ALIGN(sizeof(struct skb_shared_info)); |
| 188 | 192 | ||
| 189 | pkt_data_start = xdpf->data - xdpf->headroom; | 193 | pkt_data_start = xdpf->data - hard_start_headroom; |
| 190 | skb = build_skb(pkt_data_start, frame_size); | 194 | skb = build_skb(pkt_data_start, frame_size); |
| 191 | if (!skb) | 195 | if (!skb) |
| 192 | return NULL; | 196 | return NULL; |
| 193 | 197 | ||
| 194 | skb_reserve(skb, xdpf->headroom); | 198 | skb_reserve(skb, hard_start_headroom); |
| 195 | __skb_put(skb, xdpf->len); | 199 | __skb_put(skb, xdpf->len); |
| 196 | if (xdpf->metasize) | 200 | if (xdpf->metasize) |
| 197 | skb_metadata_set(skb, xdpf->metasize); | 201 | skb_metadata_set(skb, xdpf->metasize); |
| @@ -205,6 +209,9 @@ static struct sk_buff *cpu_map_build_skb(struct bpf_cpu_map_entry *rcpu, | |||
| 205 | * - RX ring dev queue index (skb_record_rx_queue) | 209 | * - RX ring dev queue index (skb_record_rx_queue) |
| 206 | */ | 210 | */ |
| 207 | 211 | ||
| 212 | /* Allow SKB to reuse area used by xdp_frame */ | ||
| 213 | xdp_scrub_frame(xdpf); | ||
| 214 | |||
| 208 | return skb; | 215 | return skb; |
| 209 | } | 216 | } |
| 210 | 217 | ||
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c index 2ada5e21dfa6..4a8f390a2b82 100644 --- a/kernel/bpf/inode.c +++ b/kernel/bpf/inode.c | |||
| @@ -554,19 +554,6 @@ struct bpf_prog *bpf_prog_get_type_path(const char *name, enum bpf_prog_type typ | |||
| 554 | } | 554 | } |
| 555 | EXPORT_SYMBOL(bpf_prog_get_type_path); | 555 | EXPORT_SYMBOL(bpf_prog_get_type_path); |
| 556 | 556 | ||
| 557 | static void bpf_evict_inode(struct inode *inode) | ||
| 558 | { | ||
| 559 | enum bpf_type type; | ||
| 560 | |||
| 561 | truncate_inode_pages_final(&inode->i_data); | ||
| 562 | clear_inode(inode); | ||
| 563 | |||
| 564 | if (S_ISLNK(inode->i_mode)) | ||
| 565 | kfree(inode->i_link); | ||
| 566 | if (!bpf_inode_type(inode, &type)) | ||
| 567 | bpf_any_put(inode->i_private, type); | ||
| 568 | } | ||
| 569 | |||
| 570 | /* | 557 | /* |
| 571 | * Display the mount options in /proc/mounts. | 558 | * Display the mount options in /proc/mounts. |
| 572 | */ | 559 | */ |
| @@ -579,11 +566,28 @@ static int bpf_show_options(struct seq_file *m, struct dentry *root) | |||
| 579 | return 0; | 566 | return 0; |
| 580 | } | 567 | } |
| 581 | 568 | ||
| 569 | static void bpf_destroy_inode_deferred(struct rcu_head *head) | ||
| 570 | { | ||
| 571 | struct inode *inode = container_of(head, struct inode, i_rcu); | ||
| 572 | enum bpf_type type; | ||
| 573 | |||
| 574 | if (S_ISLNK(inode->i_mode)) | ||
| 575 | kfree(inode->i_link); | ||
| 576 | if (!bpf_inode_type(inode, &type)) | ||
| 577 | bpf_any_put(inode->i_private, type); | ||
| 578 | free_inode_nonrcu(inode); | ||
| 579 | } | ||
| 580 | |||
| 581 | static void bpf_destroy_inode(struct inode *inode) | ||
| 582 | { | ||
| 583 | call_rcu(&inode->i_rcu, bpf_destroy_inode_deferred); | ||
| 584 | } | ||
| 585 | |||
| 582 | static const struct super_operations bpf_super_ops = { | 586 | static const struct super_operations bpf_super_ops = { |
| 583 | .statfs = simple_statfs, | 587 | .statfs = simple_statfs, |
| 584 | .drop_inode = generic_delete_inode, | 588 | .drop_inode = generic_delete_inode, |
| 585 | .show_options = bpf_show_options, | 589 | .show_options = bpf_show_options, |
| 586 | .evict_inode = bpf_evict_inode, | 590 | .destroy_inode = bpf_destroy_inode, |
| 587 | }; | 591 | }; |
| 588 | 592 | ||
| 589 | enum { | 593 | enum { |
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index fd502c1f71eb..6c5a41f7f338 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c | |||
| @@ -1897,8 +1897,9 @@ continue_func: | |||
| 1897 | } | 1897 | } |
| 1898 | frame++; | 1898 | frame++; |
| 1899 | if (frame >= MAX_CALL_FRAMES) { | 1899 | if (frame >= MAX_CALL_FRAMES) { |
| 1900 | WARN_ONCE(1, "verifier bug. Call stack is too deep\n"); | 1900 | verbose(env, "the call stack of %d frames is too deep !\n", |
| 1901 | return -EFAULT; | 1901 | frame); |
| 1902 | return -E2BIG; | ||
| 1902 | } | 1903 | } |
| 1903 | goto process_func; | 1904 | goto process_func; |
| 1904 | } | 1905 | } |
diff --git a/kernel/signal.c b/kernel/signal.c index b7953934aa99..f98448cf2def 100644 --- a/kernel/signal.c +++ b/kernel/signal.c | |||
| @@ -3605,16 +3605,11 @@ SYSCALL_DEFINE4(pidfd_send_signal, int, pidfd, int, sig, | |||
| 3605 | if (unlikely(sig != kinfo.si_signo)) | 3605 | if (unlikely(sig != kinfo.si_signo)) |
| 3606 | goto err; | 3606 | goto err; |
| 3607 | 3607 | ||
| 3608 | /* Only allow sending arbitrary signals to yourself. */ | ||
| 3609 | ret = -EPERM; | ||
| 3608 | if ((task_pid(current) != pid) && | 3610 | if ((task_pid(current) != pid) && |
| 3609 | (kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL)) { | 3611 | (kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL)) |
| 3610 | /* Only allow sending arbitrary signals to yourself. */ | 3612 | goto err; |
| 3611 | ret = -EPERM; | ||
| 3612 | if (kinfo.si_code != SI_USER) | ||
| 3613 | goto err; | ||
| 3614 | |||
| 3615 | /* Turn this into a regular kill signal. */ | ||
| 3616 | prepare_kill_siginfo(sig, &kinfo); | ||
| 3617 | } | ||
| 3618 | } else { | 3613 | } else { |
| 3619 | prepare_kill_siginfo(sig, &kinfo); | 3614 | prepare_kill_siginfo(sig, &kinfo); |
| 3620 | } | 3615 | } |