From: Eduard Zingerman <eddyz87@gmail.com>
To: bpf@vger.kernel.org, ast@kernel.org, andrii@kernel.org
Cc: daniel@iogearbox.net, martin.lau@linux.dev, kernel-team@fb.com,
yonghong.song@linux.dev, eddyz87@gmail.com
Subject: [PATCH bpf-next v3 0/3] bpf: allow void* cast using bpf_rdonly_cast()
Date: Wed, 25 Jun 2025 11:24:11 -0700 [thread overview]
Message-ID: <20250625182414.30659-1-eddyz87@gmail.com> (raw)
Currently, pointers returned by `bpf_rdonly_cast()` have a type of
"pointer to btf id", and only casts to structure types are allowed.
Access to memory pointed to by these pointers is done through
`BPF_PROBE_{MEM,MEMSX}` instructions and does not produce errors on
invalid memory access.
This patch set extends `bpf_rdonly_cast()` to allow casts to an
equivalent of 'void *', effectively replacing
`bpf_probe_read_kernel()` calls in situations where access to
individual bytes or integers is necessary.
The mechanism was suggested and explored by Andrii Nakryiko in [1].
To help with detecting support for this feature, an
`enum bpf_features` is added with intended usage as follows:
if (bpf_core_enum_value_exists(enum bpf_features,
BPF_FEAT_RDONLY_CAST_TO_VOID))
...
[1] https://github.com/anakryiko/linux/tree/bpf-mem-cast
Changelog:
v2: https://lore.kernel.org/bpf/20250625000520.2700423-1-eddyz87@gmail.com/
v2 -> v3:
- dropped direct numbering for __MAX_BPF_FEAT.
v1: https://lore.kernel.org/bpf/20250624191009.902874-1-eddyz87@gmail.com/
v1 -> v2:
- renamed BPF_FEAT_TOTAL to __MAX_BPF_FEAT and moved patch introducing
bpf_features enum to the start of the series (Alexei);
- dropped patch #3 allowing optout from CAP_SYS_ADMIN drop in
prog_tests/verifier.c, use a separate runner in prog_tests/*
instead.
Eduard Zingerman (3):
bpf: add bpf_features enum
bpf: allow void* cast using bpf_rdonly_cast()
selftests/bpf: check operations on untrusted ro pointers to mem
kernel/bpf/verifier.c | 79 ++++++++--
.../bpf/prog_tests/mem_rdonly_untrusted.c | 9 ++
.../bpf/progs/mem_rdonly_untrusted.c | 136 ++++++++++++++++++
3 files changed, 212 insertions(+), 12 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/mem_rdonly_untrusted.c
create mode 100644 tools/testing/selftests/bpf/progs/mem_rdonly_untrusted.c
--
2.47.1
next reply other threads:[~2025-06-25 18:24 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-25 18:24 Eduard Zingerman [this message]
2025-06-25 18:24 ` [PATCH bpf-next v3 1/3] bpf: add bpf_features enum Eduard Zingerman
2025-06-25 18:24 ` [PATCH bpf-next v3 2/3] bpf: allow void* cast using bpf_rdonly_cast() Eduard Zingerman
2025-06-25 18:24 ` [PATCH bpf-next v3 3/3] selftests/bpf: check operations on untrusted ro pointers to mem Eduard Zingerman
2025-06-25 19:38 ` Andrii Nakryiko
2025-06-25 19:46 ` Eduard Zingerman
2025-06-25 22:14 ` Alexei Starovoitov
2025-06-25 19:39 ` [PATCH bpf-next v3 0/3] bpf: allow void* cast using bpf_rdonly_cast() Andrii Nakryiko
2025-06-25 22:20 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250625182414.30659-1-eddyz87@gmail.com \
--to=eddyz87@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kernel-team@fb.com \
--cc=martin.lau@linux.dev \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.