Message ID | 20181206092732.4206-1-sandipan@linux.ibm.com |
---|---|
State | Changes Requested, archived |
Delegated to: | BPF Maintainers |
Headers | show |
Series | [bpf] bpf: fix default unprivileged allocation limit | expand |
Quoting Sandipan Das (2018-12-06 03:27:32) > When using a large page size, the default value of the bpf_jit_limit > knob becomes invalid and users are not able to run unprivileged bpf > programs. > > The bpf_jit_limit knob is represented internally as a 32-bit signed > integer because of which the default value, i.e. PAGE_SIZE * 40000, > overflows in case of an architecture like powerpc64 which uses 64K > as the default page size (i.e. CONFIG_PPC_64K_PAGES is set). > > So, instead of depending on the page size, use a constant value. > > Fixes: ede95a63b5e8 ("bpf: add bpf_jit_limit knob to restrict unpriv allocations") This also consistently caused a virtio-net KVM Ubuntu 18.04 guest to time out on configuring networking during boot via systemd/netplan. A bisect pointed to the same commit this patch addresses. > Signed-off-by: Sandipan Das <sandipan@linux.ibm.com> > --- > kernel/bpf/core.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c > index b1a3545d0ec8..a81d097a17fb 100644 > --- a/kernel/bpf/core.c > +++ b/kernel/bpf/core.c > @@ -365,7 +365,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) > } > > #ifdef CONFIG_BPF_JIT > -# define BPF_JIT_LIMIT_DEFAULT (PAGE_SIZE * 40000) > +# define BPF_JIT_LIMIT_DEFAULT (4096 * 40000) This isn't quite right as we still use (bpf_jit_limit >> PAGE_SHIFT) to check allocations in bpf_jit_charge_modmem(), so that should be fixed up as well. Another alternative which is to clamp BPF_JIT_LIMIT_DEFAULT to INT_MAX, which fixes the issue for me and is similar to what bpf_jit_charge_init() does for kernels where MODULES_VADDR is defined. I'll go ahead and send the patch in case that seems preferable. > > /* All BPF JIT sysctl knobs here. */ > int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_ALWAYS_ON); > -- > 2.19.2 >
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index b1a3545d0ec8..a81d097a17fb 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -365,7 +365,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) } #ifdef CONFIG_BPF_JIT -# define BPF_JIT_LIMIT_DEFAULT (PAGE_SIZE * 40000) +# define BPF_JIT_LIMIT_DEFAULT (4096 * 40000) /* All BPF JIT sysctl knobs here. */ int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_ALWAYS_ON);
When using a large page size, the default value of the bpf_jit_limit knob becomes invalid and users are not able to run unprivileged bpf programs. The bpf_jit_limit knob is represented internally as a 32-bit signed integer because of which the default value, i.e. PAGE_SIZE * 40000, overflows in case of an architecture like powerpc64 which uses 64K as the default page size (i.e. CONFIG_PPC_64K_PAGES is set). So, instead of depending on the page size, use a constant value. Fixes: ede95a63b5e8 ("bpf: add bpf_jit_limit knob to restrict unpriv allocations") Signed-off-by: Sandipan Das <sandipan@linux.ibm.com> --- kernel/bpf/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)