mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-15 02:05:33 +00:00
c83508da56
BPF program types like kprobe and fentry can cause deadlocks in certain situations. If a function takes a lock and one of these bpf programs is hooked to some point in the function's critical section, and if the bpf program tries to call the same function and take the same lock it will lead to deadlock. These situations have been reported in the following bug reports. In percpu_freelist - Link: https://lore.kernel.org/bpf/CAADnVQLAHwsa+2C6j9+UC6ScrDaN9Fjqv1WjB1pP9AzJLhKuLQ@mail.gmail.com/T/ Link: https://lore.kernel.org/bpf/CAPPBnEYm+9zduStsZaDnq93q1jPLqO-PiKX9jy0MuL8LCXmCrQ@mail.gmail.com/T/ In bpf_lru_list - Link: https://lore.kernel.org/bpf/CAPPBnEajj+DMfiR_WRWU5=6A7KKULdB5Rob_NJopFLWF+i9gCA@mail.gmail.com/T/ Link: https://lore.kernel.org/bpf/CAPPBnEZQDVN6VqnQXvVqGoB+ukOtHGZ9b9U0OLJJYvRoSsMY_g@mail.gmail.com/T/ Link: https://lore.kernel.org/bpf/CAPPBnEaCB1rFAYU7Wf8UxqcqOWKmRPU1Nuzk3_oLk6qXR7LBOA@mail.gmail.com/T/ Similar bugs have been reported by syzbot. In queue_stack_maps - Link: https://lore.kernel.org/lkml/0000000000004c3fc90615f37756@google.com/ Link: https://lore.kernel.org/all/20240418230932.2689-1-hdanton@sina.com/T/ In lpm_trie - Link: https://lore.kernel.org/linux-kernel/00000000000035168a061a47fa38@google.com/T/ In ringbuf - Link: https://lore.kernel.org/bpf/20240313121345.2292-1-hdanton@sina.com/T/ Prevent kprobe and fentry bpf programs from attaching to these critical sections by removing CC_FLAGS_FTRACE for percpu_freelist.o, bpf_lru_list.o, queue_stack_maps.o, lpm_trie.o, ringbuf.o files. The bugs reported by syzbot are due to tracepoint bpf programs being called in the critical sections. This patch does not aim to fix deadlocks caused by tracepoint programs. However, it does prevent deadlocks from occurring in similar situations due to kprobe and fentry programs. Signed-off-by: Priya Bala Govindasamy <pgovind2@uci.edu> Link: https://lore.kernel.org/r/CAPPBnEZpjGnsuA26Mf9kYibSaGLm=oF6=12L21X1GEQdqjLnzQ@mail.gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
62 lines
2.3 KiB
Makefile
62 lines
2.3 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
obj-y := core.o
|
|
ifneq ($(CONFIG_BPF_JIT_ALWAYS_ON),y)
|
|
# ___bpf_prog_run() needs GCSE disabled on x86; see 3193c0836f203 for details
|
|
cflags-nogcse-$(CONFIG_X86)$(CONFIG_CC_IS_GCC) := -fno-gcse
|
|
endif
|
|
CFLAGS_core.o += -Wno-override-init $(cflags-nogcse-yy)
|
|
|
|
obj-$(CONFIG_BPF_SYSCALL) += syscall.o verifier.o inode.o helpers.o tnum.o log.o token.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += bpf_iter.o map_iter.o task_iter.o prog_iter.o link_iter.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += hashtab.o arraymap.o percpu_freelist.o bpf_lru_list.o lpm_trie.o map_in_map.o bloom_filter.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += local_storage.o queue_stack_maps.o ringbuf.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += bpf_local_storage.o bpf_task_storage.o
|
|
obj-${CONFIG_BPF_LSM} += bpf_inode_storage.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += disasm.o mprog.o
|
|
obj-$(CONFIG_BPF_JIT) += trampoline.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += btf.o memalloc.o
|
|
ifeq ($(CONFIG_MMU)$(CONFIG_64BIT),yy)
|
|
obj-$(CONFIG_BPF_SYSCALL) += arena.o range_tree.o
|
|
endif
|
|
obj-$(CONFIG_BPF_JIT) += dispatcher.o
|
|
ifeq ($(CONFIG_NET),y)
|
|
obj-$(CONFIG_BPF_SYSCALL) += devmap.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += cpumap.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += offload.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += net_namespace.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += tcx.o
|
|
endif
|
|
ifeq ($(CONFIG_PERF_EVENTS),y)
|
|
obj-$(CONFIG_BPF_SYSCALL) += stackmap.o
|
|
endif
|
|
ifeq ($(CONFIG_CGROUPS),y)
|
|
obj-$(CONFIG_BPF_SYSCALL) += cgroup_iter.o bpf_cgrp_storage.o
|
|
endif
|
|
obj-$(CONFIG_CGROUP_BPF) += cgroup.o
|
|
ifeq ($(CONFIG_INET),y)
|
|
obj-$(CONFIG_BPF_SYSCALL) += reuseport_array.o
|
|
endif
|
|
ifeq ($(CONFIG_SYSFS),y)
|
|
obj-$(CONFIG_DEBUG_INFO_BTF) += sysfs_btf.o
|
|
endif
|
|
ifeq ($(CONFIG_BPF_JIT),y)
|
|
obj-$(CONFIG_BPF_SYSCALL) += bpf_struct_ops.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += cpumask.o
|
|
obj-${CONFIG_BPF_LSM} += bpf_lsm.o
|
|
endif
|
|
ifneq ($(CONFIG_CRYPTO),)
|
|
obj-$(CONFIG_BPF_SYSCALL) += crypto.o
|
|
endif
|
|
obj-$(CONFIG_BPF_PRELOAD) += preload/
|
|
|
|
obj-$(CONFIG_BPF_SYSCALL) += relo_core.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += btf_iter.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += btf_relocate.o
|
|
obj-$(CONFIG_BPF_SYSCALL) += kmem_cache_iter.o
|
|
|
|
CFLAGS_REMOVE_percpu_freelist.o = $(CC_FLAGS_FTRACE)
|
|
CFLAGS_REMOVE_bpf_lru_list.o = $(CC_FLAGS_FTRACE)
|
|
CFLAGS_REMOVE_queue_stack_maps.o = $(CC_FLAGS_FTRACE)
|
|
CFLAGS_REMOVE_lpm_trie.o = $(CC_FLAGS_FTRACE)
|
|
CFLAGS_REMOVE_ringbuf.o = $(CC_FLAGS_FTRACE)
|