Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

bpf: Allow access to const void pointer arguments in tracing programs

Adding support to access arguments with const void pointer arguments
in tracing programs.

Currently we allow tracing programs to access void pointers. If we try to
access an argument which is a pointer to const void, like the 2nd argument in kfree,
the verifier will fail to load the program with:

0: R1=ctx() R10=fp0
; asm volatile ("r2 = *(u64 *)(r1 + 8); ");
0: (79) r2 = *(u64 *)(r1 +8)
func 'kfree' arg1 type UNKNOWN is not a struct

Changing is_int_ptr to a void and generic integer check and renaming
it to is_void_or_int_ptr.

Signed-off-by: KaFai Wan <mannkafai@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/bpf/20250423121329.3163461-2-mannkafai@gmail.com

authored by KaFai Wan and committed by Andrii Nakryiko
1271a40e 6aca583f

+7 -11
kernel/bpf/btf.c
··· 6383 6383 return prog->aux->attach_btf; 6384 6384 } 6385 6385 6386 - static bool is_int_ptr(struct btf *btf, const struct btf_type *t) 6386 + static bool is_void_or_int_ptr(struct btf *btf, const struct btf_type *t) 6387 6387 { 6388 6388 /* skip modifiers */ 6389 6389 t = btf_type_skip_modifiers(btf, t->type, NULL); 6390 - 6391 - return btf_type_is_int(t); 6390 + return btf_type_is_void(t) || btf_type_is_int(t); 6392 6391 } 6393 6392 6394 6393 static u32 get_ctx_arg_idx(struct btf *btf, const struct btf_type *func_proto, ··· 6775 6776 } 6776 6777 } 6777 6778 6778 - if (t->type == 0) 6779 - /* This is a pointer to void. 6780 - * It is the same as scalar from the verifier safety pov. 6781 - * No further pointer walking is allowed. 6782 - */ 6783 - return true; 6784 - 6785 - if (is_int_ptr(btf, t)) 6779 + /* 6780 + * If it's a pointer to void, it's the same as scalar from the verifier 6781 + * safety POV. Either way, no futher pointer walking is allowed. 6782 + */ 6783 + if (is_void_or_int_ptr(btf, t)) 6786 6784 return true; 6787 6785 6788 6786 /* this is a pointer to another type */
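Review bot: In the first hunk, the "/* skip modifiers */" comment in is_void_or_int_ptr() does not say that this step is what makes the new void case work: btf_type_skip_modifiers() is what strips the const, so a pointer to const void reaches btf_type_is_void(t) as void. Suggest extending the comment to name that case (for example "skip modifiers so const void * is handled like void *"), since it is the kfree case the commit message is about and the reason the old t->type == 0 test was not enough.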
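Review bot: In the second hunk, the new comment above the is_void_or_int_ptr(btf, t) check misspells "further" as "futher", and it only describes the pointer-to-void case although the helper also returns true for pointers to int. Suggest fixing the typo and wording the comment to cover both, along the lines of "a pointer to void or to an integer is the same as a scalar from the verifier safety POV", so the "Either way" sentence has two cases to refer to.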