From patchwork Fri Jul 8 02:15:22 2016
X-Patchwork-Submitter: Brenden Blanco
X-Patchwork-Id: 646279
X-Patchwork-Delegate: davem@davemloft.net
From: Brenden Blanco
To: davem@davemloft.net, netdev@vger.kernel.org
Cc: Brenden Blanco, Martin KaFai Lau, Jesper Dangaard Brouer, Ari Saha, Alexei Starovoitov, Or Gerlitz, john.fastabend@gmail.com, hannes@stressinduktion.org, Thomas Graf, Tom Herbert, Daniel Borkmann
Subject: [PATCH v6 10/12] bpf: enable direct packet data write for xdp progs
Date: Thu, 7 Jul 2016 19:15:22 -0700
Message-Id: <1467944124-14891-11-git-send-email-bblanco@plumgrid.com>
X-Mailer: git-send-email 2.8.2
In-Reply-To: <1467944124-14891-1-git-send-email-bblanco@plumgrid.com>
References: <1467944124-14891-1-git-send-email-bblanco@plumgrid.com>
X-Mailing-List: netdev@vger.kernel.org

For forwarding to be effective, XDP programs should be allowed to rewrite packet data. This requires that the drivers supporting XDP must all map the packet memory as TODEVICE or BIDIRECTIONAL before invoking the program.

Signed-off-by: Brenden Blanco
---
 kernel/bpf/verifier.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index a8d67d0..f72f23b 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c @@ -653,6 +653,16 @@ static int check_map_access(struct verifier_env *env, u32 regno, int off, #define MAX_PACKET_OFF 0xffff +static bool may_write_pkt_data(enum bpf_prog_type type) +{ + switch (type) { + case BPF_PROG_TYPE_XDP: + return true; + default: + return false; + } +} + static int check_packet_access(struct verifier_env *env, u32 regno, int off, int size) { @@ -806,10 +816,15 @@ static int check_mem_access(struct verifier_env *env, u32 regno, int off, err = check_stack_read(state, off, size, value_regno); } } else if (state->regs[regno].type == PTR_TO_PACKET) { - if (t == BPF_WRITE) { + if (t == BPF_WRITE && !may_write_pkt_data(env->prog->type)) { verbose("cannot write into packet\n"); return -EACCES; } + if (t == BPF_WRITE && value_regno >= 0 && + is_pointer_value(env, value_regno)) { + verbose("R%d leaks addr into packet\n", value_regno); + return -EACCES; + } err = check_packet_access(env, regno, off, size); if (!err && t == BPF_READ && value_regno >= 0) mark_reg_unknown_value(state->regs, value_regno);
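Review bot: may_write_pkt_data() in the first hunk encodes a precondition the verifier cannot check on its own, namely the requirement stated in the commit message that every driver offering XDP maps the packet buffer TODEVICE or BIDIRECTIONAL before the program runs; a short comment above the function saying that returning true for BPF_PROG_TYPE_XDP relies on that driver-side contract would stop the next person adding a case from enabling writes for a program type whose buffers are not mapped for writing. The switch with a `default: return false;` branch is otherwise the right shape, since every other program type stays denied and new types have to opt in explicitly.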
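Review bot: in the second hunk the two consecutive `if (t == BPF_WRITE && ...)` checks could be nested under a single `if (t == BPF_WRITE)` so the PTR_TO_PACKET write policy reads as one unit (program type allowed, then no pointer value stored), and the `value_regno >= 0` guard deserves a one-line comment because it is what excludes immediate stores, for which is_pointer_value() has no register to inspect. The leak check is the security-relevant part of the change: once XDP programs may write packet memory, storing a pointer-typed register into the packet would place a kernel address in bytes that leave the kernel, so rejecting it with "R%d leaks addr into packet" before check_packet_access() is the correct order, as the bounds check never needs to run on a write that will be refused anyway. One consequence of the ordering worth noting in the commit message is that a non-XDP program storing a pointer is reported as "cannot write into packet" rather than as a leak, which is fine but differs from the message an XDP program would see.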