mirror_ubuntu-kernels

mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2026-01-26 21:34:30 +00:00

Go to file

Dave Marchevsky 2a6d50b50d bpf: Consider non-owning refs trusted Recent discussions around default kptr "trustedness" led to changes such as commit `6fcd486b3a` ("bpf: Refactor RCU enforcement in the verifier."). One of the conclusions of those discussions, as expressed in code and comments in that patch, is that we'd like to move away from 'raw' PTR_TO_BTF_ID without some type flag or other register state indicating trustedness. Although PTR_TRUSTED and PTR_UNTRUSTED flags mark this state explicitly, the verifier currently considers trustedness implied by other register state. For example, owning refs to graph collection nodes must have a nonzero ref_obj_id, so they pass the is_trusted_reg check despite having no explicit PTR_{UN}TRUSTED flag. This patch makes trustedness of non-owning refs to graph collection nodes explicit as well. By definition, non-owning refs are currently trusted. Although the ref has no control over pointee lifetime, due to non-owning ref clobbering rules (see invalidate_non_owning_refs) dereferencing a non-owning ref is safe in the critical section controlled by bpf_spin_lock associated with its owning collection. Note that the previous statement does not hold true for nodes with shared ownership due to the use-after-free issue that this series is addressing. True shared ownership was disabled by commit `7deca5eae8` ("bpf: Disable bpf_refcount_acquire kfunc calls until race conditions are fixed"), though, so the statement holds for now. Further patches in the series will change the trustedness state of non-owning refs before re-enabling bpf_refcount_acquire. Let's add NON_OWN_REF type flag to BPF_REG_TRUSTED_MODIFIERS such that a non-owning ref reg state would pass is_trusted_reg check. Somewhat surprisingly, this doesn't result in any change to user-visible functionality elsewhere in the verifier: graph collection nodes are all marked MEM_ALLOC, which tends to be handled in separate codepaths from "raw" PTR_TO_BTF_ID. Regardless, let's be explicit here and document the current state of things before changing it elsewhere in the series. Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com> Acked-by: Yonghong Song <yonghong.song@linux.dev> Link: https://lore.kernel.org/r/20230821193311.3290257-3-davemarchevsky@fb.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>		2023-08-25 09:23:16 -07:00
arch	riscv, bpf: Support unconditional bswap insn	2023-08-24 09:13:08 -07:00
block	block-6.5-2023-07-21	2023-07-22 11:05:15 -07:00
certs	KEYS: Add missing function documentation	2023-04-24 16:15:52 +03:00
crypto	crypto: algif_hash - Fix race between MORE and non-MORE sends	2023-07-08 22:48:42 +10:00
Documentation	mlx5-updates-2023-08-14	2023-08-15 19:21:49 -07:00
drivers	netconsole: Enable compile time configuration	2023-08-17 19:25:42 -07:00
fs	two ksmbd server fixes	2023-08-09 21:12:56 -07:00
include	bpf: Consider non-owning refs trusted	2023-08-25 09:23:16 -07:00
init	Kbuild updates for v6.5	2023-07-01 09:24:31 -07:00
io_uring	io_uring-6.5-2023-07-28	2023-07-28 10:19:44 -07:00
ipc	Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2023-02-24 19:20:07 -08:00
kernel	bpf: Ensure kptr_struct_meta is non-NULL for collection insert and refcount_acquire	2023-08-25 09:23:16 -07:00
lib	bpf/tests: Enhance output on error and fix typos	2023-08-18 17:08:42 +02:00
LICENSES	LICENSES: Add the copyleft-next-0.3.1 license	2022-11-08 15:44:01 +01:00
mm	net-memcg: Fix scope of sockmem pressure indicators	2023-08-16 12:21:32 +01:00
net	lwt: Check LWTUNNEL_XMIT_CONTINUE strictly	2023-08-18 16:05:26 +02:00
rust	rust: fix bindgen build error with UBSAN_BOUNDS_STRICT	2023-08-04 17:10:50 +02:00
samples	samples/bpf: Add note to README about the XDP utilities moved to xdp-tools	2023-08-24 08:43:50 -07:00
scripts	x86:	2023-07-30 11:19:08 -07:00
security	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2023-08-10 14:10:53 -07:00
sound	ASoC: Fixes for v6.5	2023-07-27 14:54:23 +02:00
tools	selftests/bpf: Enable cpu v4 tests for RV64	2023-08-24 09:13:08 -07:00
usr	initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP	2023-06-06 17:54:49 +09:00
virt	KVM: Grab a reference to KVM for VM and vCPU stats file descriptors	2023-07-29 11:05:28 -04:00
.clang-format	iommu: Add for_each_group_device()	2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore	get_maintainer: add Alan to .get_maintainer.ignore	2022-08-20 15:17:44 -07:00
.gitattributes	.gitattributes: set diff driver for Rust source code files	2023-05-31 17:48:25 +02:00
.gitignore	Revert ".gitignore: ignore .cover and .mbx"	2023-07-04 15:05:12 -07:00
.mailmap	mailmap: update remaining active codeaurora.org email addresses	2023-07-27 13:07:05 -07:00
.rustfmt.toml	rust: add `.rustfmt.toml`	2022-09-28 09:02:20 +02:00
COPYING	COPYING: state that all contributions really are covered by this file	2020-02-10 13:32:20 -08:00
CREDITS	- Address -Wmissing-prototype warnings	2023-06-26 16:43:54 -07:00
Kbuild	Kbuild updates for v6.1	2022-10-10 12:00:45 -07:00
Kconfig	kbuild: ensure full rebuild when the compiler is updated	2020-05-12 13:28:33 +09:00
MAINTAINERS	nfp: update maintainer	2023-08-16 12:18:54 +01:00
Makefile	Linux 6.5-rc5	2023-08-06 15:07:51 -07:00
README	Drop all 00-INDEX files from Documentation/	2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.