Re: [PATCH RFC] bpf: Fix trampoline for functions with variable arguments

[Jiri Olsa <jolsa@redhat.com>]

On Tue, May 04, 2021 at 09:11:26PM -0700, Alexei Starovoitov wrote:

SNIP

> > > > >
> > > > > actualy looks like we need to disable functions with variable arguments
> > > > > completely, because we don't know how many arguments to save
> > > > >
> > > > > I tried to disable them in pahole and it's easy fix, will post new fix
> > > >
> > > > Can we still allow access to fixed arguments for such functions and
> > > > just disallow the vararg ones?
> > >
> > > the problem is that we should save all the registers for arguments,
> > > which is probably doable.. but if caller uses more than 6 arguments,
> > > we need stack data, which will be wrong because of the extra stack
> > > frame we do in bpf trampoline.. so we could crash
> > >
> > > the patch below prevents to attach these functions directly in kernel,
> > > so we could keep these functions in BTF
> > >
> > > jirka
> > >
> > >
> > > ---
> > > diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
> > > index 0600ed325fa0..f9709dc08c44 100644
> > > --- a/kernel/bpf/btf.c
> > > +++ b/kernel/bpf/btf.c
> > > @@ -5213,6 +5213,13 @@ int btf_distill_func_proto(struct bpf_verifier_log *log,
> > >                                 tname, i, btf_kind_str[BTF_INFO_KIND(t->info)]);
> > >                         return -EINVAL;
> > >                 }
> > > +               if (ret == 0) {
> > > +                       bpf_log(log,
> > > +                               "The function %s has variable args, it's unsupported.\n",
> > > +                               tname);
> > > +                       return -EINVAL;
> > > +
> > > +               }
> >
> > this will work, but the explicit check for vararg should be `i ==
> > nargs - 1 && args[i].type == 0`. Everything else (if it happens) is
> > probably a bad BTF data.
> 
> Jiri,
> could you please resubmit with the check like Andrii suggested?
> Thanks!
> 

yes, will send it later today

jirka