From patchwork Tue Jul 19 19:16:56 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brenden Blanco X-Patchwork-Id: 650394 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3rv8vK1W0fz9ssM for ; Wed, 20 Jul 2016 05:17:49 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=plumgrid-com.20150623.gappssmtp.com header.i=@plumgrid-com.20150623.gappssmtp.com header.b=Vfb0Vd8H; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751960AbcGSTRp (ORCPT ); Tue, 19 Jul 2016 15:17:45 -0400 Received: from mail-pf0-f169.google.com ([209.85.192.169]:36325 "EHLO mail-pf0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751937AbcGSTRg (ORCPT ); Tue, 19 Jul 2016 15:17:36 -0400 Received: by mail-pf0-f169.google.com with SMTP id h186so10142812pfg.3 for ; Tue, 19 Jul 2016 12:17:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=plumgrid-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=eYSkl39t0/QT9KUXsxpay7o6x7XyLvYCY4Vw63/La40=; b=Vfb0Vd8H1EBwQNJREmsVblBbLmTkjPkeYa23ny5sYRr+oc7eK9jwXg2xiif1SzuT5J V7Uk6XKFuf8f4FPtWOpH51heSkxAe6W8wpNvudfx43Kt5BwULZBggLosonhOyL0rACB9 bByqIMdpFXcKuBnnzvnNSPOe6Sj5Ne56HJBbK3x3GESh0lAtBRDku4Ah3wpB0fv/IcIl 2Q+h3N7oVrWgPHgry4RU1x5ZlIf9ESQNq73Vr9gkc7yommSN1qIACikn4OE16k8Tl+f1 hqwS+YOcjvPjkujtRMQyDlsyw/2jaKaAOLYWLzQvRQxggBRbykBxSwIEWz5sch/qd/v9 sECw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=eYSkl39t0/QT9KUXsxpay7o6x7XyLvYCY4Vw63/La40=; b=fhlObaSvLgDmY4Te9NrJHYPKsdr4TIE/RNiu99o7AcFjLDbmh6PbIMnXyUICAltw74 z9A1YDMNFLOxzeWG7PsqhUKdblwUfafIh3NaEvhhZ/FnH7rvisvzRyiP6cwph8XtK53o yQ9+/WiciPyF4HQCjrD06P9cj3kiuQI9QssFM8BEzEphhFMJ10vc0HKsFRo0Fs6V4tcV dho2x1zfkxkSUtnHJSPku8SxjwAHFJagN8tZ+V674XpSc9P1nI6co8Up34Pqk/wWbQBM 4DUv4XPSQpzxDsy5L9K+wY0ylxJC8zMH5GX3QixEYLbXqB89sv+/i8RvTLSK4LtXUipv 4TOg== X-Gm-Message-State: ALyK8tLkDyBJvhHXhgb/T5K4O7I2wPTiKPsMh8R40CuAVTWJAuqdDGHmzH+TYmxoBiU+wWN0 X-Received: by 10.98.50.2 with SMTP id y2mr15110834pfy.138.1468955855752; Tue, 19 Jul 2016 12:17:35 -0700 (PDT) Received: from iovisor-test1.plumgrid.com ([12.97.19.201]) by smtp.gmail.com with ESMTPSA id d5sm6644727pfc.4.2016.07.19.12.17.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 19 Jul 2016 12:17:35 -0700 (PDT) From: Brenden Blanco To: davem@davemloft.net, netdev@vger.kernel.org Cc: Brenden Blanco , Jamal Hadi Salim , Saeed Mahameed , Martin KaFai Lau , Jesper Dangaard Brouer , Ari Saha , Alexei Starovoitov , Or Gerlitz , john.fastabend@gmail.com, hannes@stressinduktion.org, Thomas Graf , Tom Herbert , Daniel Borkmann , Tariq Toukan Subject: [PATCH v10 11/12] bpf: enable direct packet data write for xdp progs Date: Tue, 19 Jul 2016 12:16:56 -0700 Message-Id: <1468955817-10604-12-git-send-email-bblanco@plumgrid.com> X-Mailer: git-send-email 2.8.2 In-Reply-To: <1468955817-10604-1-git-send-email-bblanco@plumgrid.com> References: <1468955817-10604-1-git-send-email-bblanco@plumgrid.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org For forwarding to be effective, XDP programs should be allowed to rewrite packet data. This requires that the drivers supporting XDP must all map the packet memory as TODEVICE or BIDIRECTIONAL before invoking the program. Signed-off-by: Brenden Blanco Acked-by: Alexei Starovoitov --- kernel/bpf/verifier.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index a8d67d0..f72f23b 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -653,6 +653,16 @@ static int check_map_access(struct verifier_env *env, u32 regno, int off, #define MAX_PACKET_OFF 0xffff +static bool may_write_pkt_data(enum bpf_prog_type type) +{ + switch (type) { + case BPF_PROG_TYPE_XDP: + return true; + default: + return false; + } +} + static int check_packet_access(struct verifier_env *env, u32 regno, int off, int size) { @@ -806,10 +816,15 @@ static int check_mem_access(struct verifier_env *env, u32 regno, int off, err = check_stack_read(state, off, size, value_regno); } } else if (state->regs[regno].type == PTR_TO_PACKET) { - if (t == BPF_WRITE) { + if (t == BPF_WRITE && !may_write_pkt_data(env->prog->type)) { verbose("cannot write into packet\n"); return -EACCES; } + if (t == BPF_WRITE && value_regno >= 0 && + is_pointer_value(env, value_regno)) { + verbose("R%d leaks addr into packet\n", value_regno); + return -EACCES; + } err = check_packet_access(env, regno, off, size); if (!err && t == BPF_READ && value_regno >= 0) mark_reg_unknown_value(state->regs, value_regno);