Re: [PATCH bpf-next] bpf: fix flags check in bpf_percpu_cgroup_storage_update()
From: Daniel Borkmann
Date: Fri Sep 28 2018 - 08:11:56 EST
On 09/28/2018 01:06 PM, Roman Gushchin wrote:
> Fix an issue in bpf_percpu_cgroup_storage_update(): it should return
> -EINVAL on an attempt to pass BPF_NOEXIST rather than BPF_EXIST.
>
> Cgroup local storage is automatically created on attaching of a bpf
> program to a cgroup, and it can't be done from the userspace.
>
> Fixes: 0daef9b42374 ("bpf: introduce per-cpu cgroup local storage")
> Signed-off-by: Roman Gushchin <guro@xxxxxx>
> Cc: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
> Cc: Alexei Starovoitov <ast@xxxxxxxxxx>
> ---
> kernel/bpf/local_storage.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/bpf/local_storage.c b/kernel/bpf/local_storage.c
> index c739f6dcc3c2..190535f6d5e2 100644
> --- a/kernel/bpf/local_storage.c
> +++ b/kernel/bpf/local_storage.c
> @@ -191,7 +191,7 @@ int bpf_percpu_cgroup_storage_update(struct bpf_map *_map, void *_key,
> int cpu, off = 0;
> u32 size;
>
> - if (unlikely(map_flags & BPF_EXIST))
> + if (map_flags & BPF_NOEXIST)
> return -EINVAL;
Hmm, this is also incorrect as any future reserved flag would be accepted here and
couldn't be extended anymore. :/ And it looks like cgroup_storage_update_elem() is
doing the same today, given the cgroups local storage is still early, we should route
a patch to stable for fixing this.
Wrt this series, given the series is top of tree right now, I would prefer a fresh
respin so we have the fix integrated properly w/o follow-up. Perhaps this could also
incorporate Alexei's previous cleanup suggestions as well from today if you have a
chance.
Thanks,
Daniel