From: Eduard Zingerman <eddyz87@gmail.com>
To: Jeongjun Park <aha310510@gmail.com>
Cc: alexei.starovoitov@gmail.com, andrii@kernel.org, ast@kernel.org,
	 bpf@vger.kernel.org, daniel@iogearbox.net, haoluo@google.com,
	 john.fastabend@gmail.com, jolsa@kernel.org, kpsingh@kernel.org,
	 linux-kernel@vger.kernel.org, martin.lau@linux.dev,
	sdf@fomichev.me,  song@kernel.org, yonghong.song@linux.dev
Subject: Re: [PATCH bpf] bpf: add check for invalid name in btf_name_valid_section()
Date: Fri, 30 Aug 2024 02:42:19 -0700
Message-ID: <bd8a6dc3e52369a30c73578ea1144a48f736f393.camel@gmail.com>
In-Reply-To: <07EBE3E5-61A7-4F64-92BA-24A1DCA9583B@gmail.com>

On Fri, 2024-08-30 at 11:03 +0900, Jeongjun Park wrote:

[...]

> > diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
> > index edad152cee8e..d583d76fcace 100644
> > --- a/kernel/bpf/btf.c
> > +++ b/kernel/bpf/btf.c
> > @@ -820,7 +820,6 @@ static bool btf_name_valid_section(const struct btf *btf, u32 offset)
> > 
> >        /* set a limit on identifier length */
> >        src_limit = src + KSYM_NAME_LEN;
> > -       src++;
> >        while (*src && src < src_limit) {
> >                if (!isprint(*src))
> >                        return false;
> 
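Review bot: with `src++` removed and nothing added ahead of the loop, an empty name is not rejected by anything in this hunk. When `src[0]` is NUL the `while (*src && src < src_limit)` body never runs, so the `isprint()` test is skipped for it. Keep an explicit empty-string check before the loop so that case fails before the scan starts.
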
> However, this patch is logically flawed. 
> It will return true for invalid names with 
> length 1 and src[0] being NULL. So I think 
> it's better to stick with the original patch.

Fair enough, however the isprint check should be done for the first character.
So the full fix is a combination :)

--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -818,9 +818,11 @@ static bool btf_name_valid_section(const struct btf *btf, u32 offset)
        const char *src = btf_str_by_offset(btf, offset);
        const char *src_limit;
 
+       if (!*src)
+               return false;
+
        /* set a limit on identifier length */
        src_limit = src + KSYM_NAME_LEN;
-       src++;
        while (*src && src < src_limit) {
                if (!isprint(*src))
                        return false;
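
Review bot: the new `if (!*src)` test dereferences the result of btf_str_by_offset() directly, so it relies on `offset` having been validated before this function is called. If that helper can return NULL for an out-of-range offset, add a NULL test here, or a comment naming the caller-side check that guarantees a valid pointer.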


And corresponding test cases (tools/testing/selftests/bpf/prog_tests/btf.c):

{
	.descr = "datasec: name with non-printable first char is not ok",
	.raw_types = {
		/* int */
		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
		/* VAR x */                                     /* [2] */
		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
		BTF_VAR_STATIC,
		/* DATASEC \7foo */                             /* [3] */
		BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
		BTF_VAR_SECINFO_ENC(2, 0, 4),
		BTF_END_RAW,
	},
	BTF_STR_SEC("\0x\0\7foo"),
	.err_str = "Invalid name",
	.btf_load_err = true,
},{
	.descr = "datasec: name '\\0' is not ok",
	.raw_types = {
		/* int */
		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
		/* VAR x */                                     /* [2] */
		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
		BTF_VAR_STATIC,
		/* DATASEC \0 */                                /* [3] */
		BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
		BTF_VAR_SECINFO_ENC(2, 0, 4),
		BTF_END_RAW,
	},
	BTF_STR_SEC("\0x\0"),
	.err_str = "Invalid name",
	.btf_load_err = true,
},

Could you please resend your patch as a patch-set fix + selftests update?
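
The three variants discussed in this message, modelled in user space as an added example (not code from the thread or the kernel tree), run over the two selftest string sections plus one valid name. `check_name`, the enums, `NAME_LIMIT` and the `.data` section are hypothetical; the loop's `src++` and a final `return !*src;` are assumed, because the hunk ends before them.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

#define NAME_LIMIT 512 /* assumed stand-in for the kernel's KSYM_NAME_LEN */

enum variant { ORIGINAL, DROP_SKIP_ONLY, COMBINED };
enum verdict { REJECT, ACCEPT, OUT_OF_BOUNDS };

/* Constructed string sections; sizeof() counts the implicit trailing NUL. */
static const char sec_bell[]  = "\0x\0\7foo"; /* offset 3 -> "\7foo" */
static const char sec_empty[] = "\0x\0";      /* offset 3 -> "" (last byte) */
static const char sec_data[]  = "\0.data";    /* offset 1 -> ".data" (hypothetical) */

/* Bounded model of the name check: reports where the C code would read
 * past the string section instead of actually doing so. */
static enum verdict check_name(enum variant v, const char *sec, size_t len, size_t off)
{
	size_t i = off, limit = off + NAME_LIMIT;

	if (v == COMBINED && sec[i] == '\0')
		return REJECT;                /* the added "if (!*src)" check */
	if (v == ORIGINAL)
		i++;                          /* the unconditional "src++" */
	for (;;) {
		if (i >= len)
			return OUT_OF_BOUNDS; /* pointer has left the section */
		if (sec[i] == '\0' || i >= limit)
			break;
		if (!isprint((unsigned char)sec[i]))
			return REJECT;
		i++;
	}
	return sec[i] == '\0' ? ACCEPT : REJECT; /* assumed tail: return !*src; */
}

int main(void)
{
	static const char *label[] = { "reject", "accept", "out-of-bounds read" };

	for (int v = ORIGINAL; v <= COMBINED; v++)
		printf("variant %d: \\7foo=%s empty=%s .data=%s\n", v,
		       label[check_name(v, sec_bell, sizeof(sec_bell), 3)],
		       label[check_name(v, sec_empty, sizeof(sec_empty), 3)],
		       label[check_name(v, sec_data, sizeof(sec_data), 1)]);
	return 0;
}
```

Only the combined variant rejects both selftest names while still accepting the printable one.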

