bpf: Consistently use BPF token throughout BPF verifier logic
Remove remaining direct queries to perfmon_capable() and bpf_capable() in BPF verifier logic and instead use BPF token (if available) to make decisions about privileges. Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20240124022127.2379740-9-andrii@kernel.org
This commit is contained in:
parent
bbc1d24724
commit
d79a354975
|
@ -2261,24 +2261,24 @@ extern int sysctl_unprivileged_bpf_disabled;
|
|||
|
||||
bool bpf_token_capable(const struct bpf_token *token, int cap);
|
||||
|
||||
static inline bool bpf_allow_ptr_leaks(void)
|
||||
static inline bool bpf_allow_ptr_leaks(const struct bpf_token *token)
|
||||
{
|
||||
return perfmon_capable();
|
||||
return bpf_token_capable(token, CAP_PERFMON);
|
||||
}
|
||||
|
||||
static inline bool bpf_allow_uninit_stack(void)
|
||||
static inline bool bpf_allow_uninit_stack(const struct bpf_token *token)
|
||||
{
|
||||
return perfmon_capable();
|
||||
return bpf_token_capable(token, CAP_PERFMON);
|
||||
}
|
||||
|
||||
static inline bool bpf_bypass_spec_v1(void)
|
||||
static inline bool bpf_bypass_spec_v1(const struct bpf_token *token)
|
||||
{
|
||||
return cpu_mitigations_off() || perfmon_capable();
|
||||
return cpu_mitigations_off() || bpf_token_capable(token, CAP_PERFMON);
|
||||
}
|
||||
|
||||
static inline bool bpf_bypass_spec_v4(void)
|
||||
static inline bool bpf_bypass_spec_v4(const struct bpf_token *token)
|
||||
{
|
||||
return cpu_mitigations_off() || perfmon_capable();
|
||||
return cpu_mitigations_off() || bpf_token_capable(token, CAP_PERFMON);
|
||||
}
|
||||
|
||||
int bpf_map_new_fd(struct bpf_map *map, int flags);
|
||||
|
|
|
@ -1140,7 +1140,7 @@ static inline bool bpf_jit_blinding_enabled(struct bpf_prog *prog)
|
|||
return false;
|
||||
if (!bpf_jit_harden)
|
||||
return false;
|
||||
if (bpf_jit_harden == 1 && bpf_capable())
|
||||
if (bpf_jit_harden == 1 && bpf_token_capable(prog->aux->token, CAP_BPF))
|
||||
return false;
|
||||
|
||||
return true;
|
||||
|
|
|
@ -82,7 +82,7 @@ static struct bpf_map *array_map_alloc(union bpf_attr *attr)
|
|||
bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY;
|
||||
int numa_node = bpf_map_attr_numa_node(attr);
|
||||
u32 elem_size, index_mask, max_entries;
|
||||
bool bypass_spec_v1 = bpf_bypass_spec_v1();
|
||||
bool bypass_spec_v1 = bpf_bypass_spec_v1(NULL);
|
||||
u64 array_size, mask64;
|
||||
struct bpf_array *array;
|
||||
|
||||
|
|
|
@ -682,7 +682,7 @@ static bool bpf_prog_kallsyms_candidate(const struct bpf_prog *fp)
|
|||
void bpf_prog_kallsyms_add(struct bpf_prog *fp)
|
||||
{
|
||||
if (!bpf_prog_kallsyms_candidate(fp) ||
|
||||
!bpf_capable())
|
||||
!bpf_token_capable(fp->aux->token, CAP_BPF))
|
||||
return;
|
||||
|
||||
bpf_prog_ksym_set_addr(fp);
|
||||
|
|
|
@ -20830,7 +20830,12 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3
|
|||
env->prog = *prog;
|
||||
env->ops = bpf_verifier_ops[env->prog->type];
|
||||
env->fd_array = make_bpfptr(attr->fd_array, uattr.is_kernel);
|
||||
is_priv = bpf_capable();
|
||||
|
||||
env->allow_ptr_leaks = bpf_allow_ptr_leaks(env->prog->aux->token);
|
||||
env->allow_uninit_stack = bpf_allow_uninit_stack(env->prog->aux->token);
|
||||
env->bypass_spec_v1 = bpf_bypass_spec_v1(env->prog->aux->token);
|
||||
env->bypass_spec_v4 = bpf_bypass_spec_v4(env->prog->aux->token);
|
||||
env->bpf_capable = is_priv = bpf_token_capable(env->prog->aux->token, CAP_BPF);
|
||||
|
||||
bpf_get_btf_vmlinux();
|
||||
|
||||
|
@ -20862,12 +20867,6 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3
|
|||
if (attr->prog_flags & BPF_F_ANY_ALIGNMENT)
|
||||
env->strict_alignment = false;
|
||||
|
||||
env->allow_ptr_leaks = bpf_allow_ptr_leaks();
|
||||
env->allow_uninit_stack = bpf_allow_uninit_stack();
|
||||
env->bypass_spec_v1 = bpf_bypass_spec_v1();
|
||||
env->bypass_spec_v4 = bpf_bypass_spec_v4();
|
||||
env->bpf_capable = bpf_capable();
|
||||
|
||||
if (is_priv)
|
||||
env->test_state_freq = attr->prog_flags & BPF_F_TEST_STATE_FREQ;
|
||||
env->test_reg_invariants = attr->prog_flags & BPF_F_TEST_REG_INVARIANTS;
|
||||
|
|
|
@ -8580,7 +8580,7 @@ static bool cg_skb_is_valid_access(int off, int size,
|
|||
return false;
|
||||
case bpf_ctx_range(struct __sk_buff, data):
|
||||
case bpf_ctx_range(struct __sk_buff, data_end):
|
||||
if (!bpf_capable())
|
||||
if (!bpf_token_capable(prog->aux->token, CAP_BPF))
|
||||
return false;
|
||||
break;
|
||||
}
|
||||
|
@ -8592,7 +8592,7 @@ static bool cg_skb_is_valid_access(int off, int size,
|
|||
case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]):
|
||||
break;
|
||||
case bpf_ctx_range(struct __sk_buff, tstamp):
|
||||
if (!bpf_capable())
|
||||
if (!bpf_token_capable(prog->aux->token, CAP_BPF))
|
||||
return false;
|
||||
break;
|
||||
default:
|
||||
|
|
Loading…
Reference in New Issue