Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

bpf: Transfer RCU lock state between subprog calls

Allow transferring an imbalanced RCU lock state between subprog calls
during verification. This allows patterns where a subprog call returns
with an RCU lock held, or a subprog call releases an RCU lock held by
the caller. Currently, the verifier would end up complaining if the RCU
lock is not released when processing an exit from a subprog, which is
non-ideal if its execution is supposed to be enclosed in an RCU read
section of the caller.

Instead, simply check only whether we are processing an exit for frame#0
and do not complain on an active RCU lock otherwise. We only need to
update the check when processing the BPF_EXIT insn, as copy_verifier_state
is already set up to do the right thing.

Suggested-by: David Vernet <void@manifault.com>
Tested-by: Yafang Shao <laoar.shao@gmail.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/r/20240205055646.1112186-2-memxor@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

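The pattern the commit message describes (a subprog exiting with the RCU read lock still held, and its caller releasing it) is easiest to see against a small model of the verifier state the check reads. The following is an added example, not verifier code or anything from the patch author: the `vstate`, `insn` and `verify()` names are invented, the instruction set is reduced to calls, lock/unlock kfuncs and exits, and the rbtree-callback exemption of the pre-patch check is left out of the model. What it keeps faithful is that `active_rcu_lock` and `curframe` live on one shared state rather than per frame, so a lock taken in a subprog is still recorded when the caller resumes, and that both a subprog return and the main program's end are BPF_EXIT instructions told apart by `curframe`.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of the verifier state the patch touches (added
 * example, not kernel code). active_rcu_lock and curframe are fields of
 * the single bpf_verifier_state shared by all frames. */
enum op { OP_CALL, OP_RCU_LOCK, OP_RCU_UNLOCK, OP_EXIT };

struct insn { enum op op; };

struct vstate {
	int active_rcu_lock;	/* 1 while inside bpf_rcu_read_lock() */
	int curframe;		/* 0 for the main program, >0 inside a subprog */
};

/* Check applied at BPF_EXIT before the patch (rbtree-callback exemption
 * omitted here): any exit with the lock held is rejected. */
static bool exit_ok_old(const struct vstate *st)
{
	return !st->active_rcu_lock;
}

/* Check applied at BPF_EXIT after the patch: only frame #0 must have
 * released the lock; a subprog may exit with it held. */
static bool exit_ok_new(const struct vstate *st)
{
	return !(st->active_rcu_lock && !st->curframe);
}

/* Walk a straight-line program. Returns 0 if it verifies and -1 if an
 * exit is rejected (the real verifier returns -EINVAL). */
static int verify(const struct insn *prog, size_t n,
		  bool (*exit_ok)(const struct vstate *))
{
	struct vstate st = { 0, 0 };

	for (size_t i = 0; i < n; i++) {
		switch (prog[i].op) {
		case OP_CALL:
			st.curframe++;
			break;
		case OP_RCU_LOCK:
			st.active_rcu_lock = 1;
			break;
		case OP_RCU_UNLOCK:
			st.active_rcu_lock = 0;
			break;
		case OP_EXIT:
			if (!exit_ok(&st))
				return -1;	/* "bpf_rcu_read_unlock is missing" */
			if (st.curframe == 0)
				return 0;	/* main program done */
			st.curframe--;		/* subprog returns to its caller */
			break;
		}
	}
	return -1;				/* no exit reached */
}

/* Constructed programs; the subprog body is written inline after OP_CALL. */

/* Pattern from the commit message: subprog takes the lock, caller releases it. */
static const struct insn prog_subprog_locks[] = {
	{ OP_CALL }, { OP_RCU_LOCK }, { OP_EXIT },	/* subprog exits locked */
	{ OP_RCU_UNLOCK }, { OP_EXIT },			/* caller unlocks, exits */
};

/* Still imbalanced: the lock taken in the subprog is never released. */
static const struct insn prog_leaked_lock[] = {
	{ OP_CALL }, { OP_RCU_LOCK }, { OP_EXIT },
	{ OP_EXIT },
};

/* Plain imbalance in the main program, no subprogs involved. */
static const struct insn prog_main_leak[] = {
	{ OP_RCU_LOCK }, { OP_EXIT },
};

#define N(a) (sizeof(a) / sizeof((a)[0]))

int main(void)
{
	printf("subprog locks, caller unlocks: old=%d new=%d\n",
	       verify(prog_subprog_locks, N(prog_subprog_locks), exit_ok_old),
	       verify(prog_subprog_locks, N(prog_subprog_locks), exit_ok_new));
	printf("lock leaked from subprog:      old=%d new=%d\n",
	       verify(prog_leaked_lock, N(prog_leaked_lock), exit_ok_old),
	       verify(prog_leaked_lock, N(prog_leaked_lock), exit_ok_new));
	printf("lock leaked in main:           old=%d new=%d\n",
	       verify(prog_main_leak, N(prog_main_leak), exit_ok_old),
	       verify(prog_main_leak, N(prog_main_leak), exit_ok_new));
	return 0;
}
```

The first program is rejected by the old check at the subprog's exit and accepted by the new one, while the two leaking programs are rejected by both; in the model, as in the patch, the new check only moves the point of failure for a lock acquired in a subprog to the exit of frame #0.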
Authored by Kumar Kartikeya Dwivedi and committed by Alexei Starovoitov
6fceea0f 8244ab50

+1 -2
kernel/bpf/verifier.c
··· 17703 17703 return -EINVAL; 17704 17704 } 17705 17705 17706 - if (env->cur_state->active_rcu_lock && 17707 - !in_rbtree_lock_required_cb(env)) { 17706 + if (env->cur_state->active_rcu_lock && !env->cur_state->curframe) { 17708 17707 verbose(env, "bpf_rcu_read_unlock is missing\n"); 17709 17708 return -EINVAL; 17710 17709 }
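Review bot: the replacement condition `!env->cur_state->curframe` drops the `!in_rbtree_lock_required_cb(env)` exemption rather than keeping it alongside the new frame test, so the hunk silently relies on rbtree callbacks always executing in a frame above #0; a short comment above the check (e.g. `/* only frame #0 must exit with the RCU lock released; subprogs and callbacks may return with it held */`) would make that reasoning visible to the next reader. The relaxed check also means a lock acquired inside a subprog is reported only at the main program's exit, where "bpf_rcu_read_unlock is missing" no longer points at the subprog that took it; a selftest pair (a subprog exiting with the lock held whose caller releases it, and the same subprog whose caller forgets to) would pin down both the accepted and the rejected shape of this pattern.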