From: Leon Hwang <leon.hwang@linux.dev>
To: Feng Yang <yangfeng59949@163.com>
Cc: andrii@kernel.org, ast@kernel.org, bpf@vger.kernel.org,
daniel@iogearbox.net, eddyz87@gmail.com, jiayuan.chen@linux.dev,
john.fastabend@gmail.com, jolsa@kernel.org, kpsingh@kernel.org,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
martin.lau@linux.dev, mattbobrowski@google.com, memxor@gmail.com,
song@kernel.org
Subject: Re: [PATCH v2 bpf-next 1/2] bpf: Fix Null-Pointer Dereference in kernel_clone() via BPF fmod_ret on security_task_alloc
Date: Fri, 10 Apr 2026 15:49:15 +0800 [thread overview]
Message-ID: <8fd076d2-af88-4e35-8009-797132511063@linux.dev> (raw)
In-Reply-To: <20260410074039.187816-1-yangfeng59949@163.com>
On 10/4/26 15:40, Feng Yang wrote:
> On Fri, 10 Apr 2026 15:21:26 +0800 Leon Hwang wrote:
>> On 10/4/26 14:10, Feng Yang wrote:
>>> From: Feng Yang <yangfeng@kylinos.cn>
>>>
>>
>> [...]
>>
>>> +
>>> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
>>> +{
>>> + /* fentry/fexit/fmod_ret progs can be sleepable if they are
>>> + * attached to ALLOW_ERROR_INJECTION and are not in denylist.
>>> + */
>>> + if (!check_non_sleepable_error_inject(btf_id) &&
>>> + within_error_injection_list(addr))
>>> + return 0;
>>> +
>>> + return -EINVAL;
>>> +}
>>> +
>>> +static int check_attach_modify_return(unsigned long addr, const char *func_name)
>>> +{
>>> + if (within_error_injection_list(addr) ||
>>> + !strncmp(SECURITY_PREFIX, func_name, sizeof(SECURITY_PREFIX) - 1))
>>> + return 0;
>>> +
>>> + return -EINVAL;
>>> +}
>>
>> Why did you move them here? Seems that you didn't use them.
>
> Because CONFIG_FUNCTION_ERROR_INJECTION is directly reused here,
> and the function has_arch_syscall_prefix is intended to be used.
>
You can declare the function instead. No?
But, the function has_arch_syscall_prefix was not used in your new code?
Thanks,
Leon
next prev parent reply other threads:[~2026-04-10 7:49 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-10 6:10 [PATCH v2 bpf-next 0/2] bpf: Fix Null-Pointer Dereference in kernel_clone() via BPF fmod_ret on security_task_alloc Feng Yang
2026-04-10 6:10 ` [PATCH v2 bpf-next 1/2] " Feng Yang
2026-04-10 7:00 ` bot+bpf-ci
2026-04-10 8:24 ` Feng Yang
2026-04-10 7:21 ` Leon Hwang
2026-04-10 7:36 ` Leon Hwang
2026-04-10 7:40 ` Feng Yang
2026-04-10 7:49 ` Leon Hwang [this message]
2026-04-10 8:07 ` Feng Yang
2026-04-10 8:03 ` Feng Yang
2026-04-10 8:27 ` Leon Hwang
2026-04-10 9:20 ` Menglong Dong
2026-04-10 6:10 ` [PATCH v2 bpf-next 2/2] selftests/bpf: Add selftests for verifying return values of fmod_ret Feng Yang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8fd076d2-af88-4e35-8009-797132511063@linux.dev \
--to=leon.hwang@linux.dev \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=jiayuan.chen@linux.dev \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mattbobrowski@google.com \
--cc=memxor@gmail.com \
--cc=song@kernel.org \
--cc=yangfeng59949@163.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox