Re: [PATCH bpf 1/2] bpf: Gate dynptr probe-read kfuncs like helpers

[sashiko-bot@kernel.org]

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:

Pre-existing issues:
- [High] The patch fails to apply the CAP_PERFMON privilege check to the dynptr `copy_from_user` kfuncs (e.g., `bpf_copy_from_user_task_dynptr`), bypassing the security requirements enforced on cross-process memory reads.
--

commit 6b909427f5d275b8ba84a3cae17389eff1d7a985
Author: Nuoqi Gui <gnq25@mails.tsinghua.edu.cn>

bpf: Gate dynptr probe-read kfuncs like helpers

This patch adds a common kfunc filter that mirrors the helper policy for
probe-read dynptr kfuncs. It requires CAP_PERFMON for all four nofault
probe-read variants and applies the lockdown check to kernel-read variants.

> diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
> index 9ca1951046679..fbef89196f851 100644
> --- a/kernel/bpf/helpers.c
> +++ b/kernel/bpf/helpers.c
> @@ -4961,9 +4961,41 @@ BTF_ID_FLAGS(func, bpf_dynptr_file_discard)
>  BTF_ID_FLAGS(func, bpf_timer_cancel_async)
>  BTF_KFUNCS_END(common_btf_ids)
>  
> +#ifdef CONFIG_BPF_EVENTS
> +BTF_KFUNCS_START(probe_read_dynptr_kfunc_ids)
> +BTF_ID_FLAGS(func, bpf_probe_read_user_dynptr)
> +BTF_ID_FLAGS(func, bpf_probe_read_kernel_dynptr)
> +BTF_ID_FLAGS(func, bpf_probe_read_user_str_dynptr)
> +BTF_ID_FLAGS(func, bpf_probe_read_kernel_str_dynptr)
> +BTF_KFUNCS_END(probe_read_dynptr_kfunc_ids)

[Severity: High]
This is a pre-existing issue, but shouldn't the copy_from_user dynptr kfuncs
(such as bpf_copy_from_user_task_dynptr and bpf_copy_from_user_task_str_dynptr)
also be included in this set?

Because they are missing from this set, they remain available to
BPF_PROG_TYPE_SYSCALL programs, which do not require CAP_PERFMON to load.

> +
> +BTF_KFUNCS_START(probe_read_kernel_dynptr_kfunc_ids)
> +BTF_ID_FLAGS(func, bpf_probe_read_kernel_dynptr)
> +BTF_ID_FLAGS(func, bpf_probe_read_kernel_str_dynptr)
> +BTF_KFUNCS_END(probe_read_kernel_dynptr_kfunc_ids)
> +#endif
> +
> +static int common_kfunc_filter(const struct bpf_prog *prog, u32 kfunc_id)
> +{
> +#ifdef CONFIG_BPF_EVENTS
> +	if (!btf_id_set8_contains(&probe_read_dynptr_kfunc_ids, kfunc_id))
> +		return 0;

[Severity: High]
This is a pre-existing issue, but does this explicit return leave the sleepable
cross-task memory read kfuncs completely unrestricted?

An attacker with only CAP_BPF could load a sleepable syscall program, obtain a
task reference using the bpf_task_from_pid() kfunc, and call
bpf_copy_from_user_task_dynptr() to read memory from any process on the system
(including root-owned processes).

This bypasses security requirements because access_process_vm() does not
internally enforce ptrace_may_access checks, relying entirely on the BPF
verifier's capability gates, which are skipped here.

> +
> +	if (!bpf_token_capable(prog->aux->token, CAP_PERFMON))
> +		return -EACCES;

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260615-f01-07-dynptr-probe-read-cap-v1-0-e626cd61a381@mails.tsinghua.edu.cn?part=1