[v4,1/2] bpf: add __weak hook for allocating executable memory

Message ID 20181123221804.440-2-ard.biesheuvel@linaro.org
State New
Headers show
Series
  • [v4,1/2] bpf: add __weak hook for allocating executable memory
Related show

Commit Message

Ard Biesheuvel Nov. 23, 2018, 10:18 p.m.
By default, BPF uses module_alloc() to allocate executable memory,
but this is not necessary on all arches and potentially undesirable
on some of them.

So break out the module_alloc() and module_memfree() calls into __weak
functions to allow them to be overridden in arch code.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

---
 kernel/bpf/core.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

-- 
2.19.1

Comments

Edgecombe, Rick P Nov. 26, 2018, 5:02 p.m. | #1
On Fri, 2018-11-23 at 23:18 +0100, Ard Biesheuvel wrote:
> By default, BPF uses module_alloc() to allocate executable memory,

> but this is not necessary on all arches and potentially undesirable

> on some of them.

> 

> So break out the module_alloc() and module_memfree() calls into __weak

> functions to allow them to be overridden in arch code.

> 

> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> ---


It looks like some of the architectures call module_alloc directly in their
bpf_jit_compile implementations as well.

Rick
Kees Cook Dec. 5, 2018, 11:37 p.m. | #2
On Mon, Nov 26, 2018 at 9:02 AM Edgecombe, Rick P
<rick.p.edgecombe@intel.com> wrote:
>

> On Fri, 2018-11-23 at 23:18 +0100, Ard Biesheuvel wrote:

> > By default, BPF uses module_alloc() to allocate executable memory,

> > but this is not necessary on all arches and potentially undesirable

> > on some of them.

> >

> > So break out the module_alloc() and module_memfree() calls into __weak

> > functions to allow them to be overridden in arch code.

> >

> > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> > ---

>

> It looks like some of the architectures call module_alloc directly in their

> bpf_jit_compile implementations as well.


Ew, good catch. :P

-- 
Kees Cook

Patch

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 1a796e0799ec..78e9b76201b3 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -609,6 +609,16 @@  static void bpf_jit_uncharge_modmem(u32 pages)
 	atomic_long_sub(pages, &bpf_jit_current);
 }
 
+void *__weak bpf_jit_alloc_exec(unsigned long size)
+{
+	return module_alloc(size);
+}
+
+void __weak bpf_jit_free_exec(void *addr)
+{
+	module_memfree(addr);
+}
+
 struct bpf_binary_header *
 bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr,
 		     unsigned int alignment,
@@ -626,7 +636,7 @@  bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr,
 
 	if (bpf_jit_charge_modmem(pages))
 		return NULL;
-	hdr = module_alloc(size);
+	hdr = bpf_jit_alloc_exec(size);
 	if (!hdr) {
 		bpf_jit_uncharge_modmem(pages);
 		return NULL;
@@ -650,7 +660,7 @@  void bpf_jit_binary_free(struct bpf_binary_header *hdr)
 {
 	u32 pages = hdr->pages;
 
-	module_memfree(hdr);
+	bpf_jit_free_exec(hdr);
 	bpf_jit_uncharge_modmem(pages);
 }