releases/4.19.29/bpftool-fix-prog-dump-by-tag.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From b2b4c03caf1fc890b25f1febc264f523cb23d71d Mon Sep 17 00:00:00 2001
 From: Jiri Olsa <jolsa@kernel.org>
 Date: Fri, 18 Jan 2019 13:58:17 +0100
 Subject: bpftool: Fix prog dump by tag

 [ Upstream commit 752bcf80f5549c9901b2e8bc77b2138de55b1026 ]

 Lance reported an issue with bpftool not being able to
 dump program if there are more programs loaded and you
 want to dump any but the first program, like:

   # bpftool prog
   28: kprobe  name trace_req_start  tag 1dfc28ba8b3dd597  gpl
   	loaded_at 2019-01-18T17:02:40+1100  uid 0
   	xlated 112B  jited 109B  memlock 4096B  map_ids 13
   29: kprobe  name trace_req_compl  tag 5b6a5ecc6030a683  gpl
   	loaded_at 2019-01-18T17:02:40+1100  uid 0
   	xlated 928B  jited 575B  memlock 4096B  map_ids 13,14
   #  bpftool prog dum jited tag 1dfc28ba8b3dd597
    0:	push   %rbp
    1:	mov    %rsp,%rbp
   ...

   #  bpftool prog dum jited tag 5b6a5ecc6030a683
   Error: can't get prog info (29): Bad address

 The problem is in the prog_fd_by_tag function not cleaning
 the struct bpf_prog_info before another request, so the
 previous program length is still in there and kernel assumes
 it needs to dump the program, which fails because there's no
 user pointer set.

 Moving the struct bpf_prog_info declaration into the loop,
 so it gets cleaned before each query.

 Fixes: 71bb428fe2c1 ("tools: bpf: add bpftool")
 Reported-by: Lance Digby <ldigby@redhat.com>
 Signed-off-by: Jiri Olsa <jolsa@kernel.org>
 Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
 Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
 Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
 Signed-off-by: Sasha Levin <sashal@kernel.org>
 ---
  tools/bpf/bpftool/prog.c | 5 +++--
  1 file changed, 3 insertions(+), 2 deletions(-)

 diff --git a/tools/bpf/bpftool/prog.c b/tools/bpf/bpftool/prog.c
 index 0de024a6cc2b..bbba0d61570f 100644
 --- a/tools/bpf/bpftool/prog.c
 +++ b/tools/bpf/bpftool/prog.c
 @@ -109,13 +109,14 @@ static void print_boot_time(__u64 nsecs, char *buf, unsigned int size)

  static int prog_fd_by_tag(unsigned char *tag)
  {
 -	struct bpf_prog_info info = {};
 -	__u32 len = sizeof(info);
  	unsigned int id = 0;
  	int err;
  	int fd;

  	while (true) {
 +		struct bpf_prog_info info = {};
 +		__u32 len = sizeof(info);
 +
  		err = bpf_prog_get_next_id(id, &id);
  		if (err) {
  			p_err("%s", strerror(errno));
 --
 2.19.1
	From b2b4c03caf1fc890b25f1febc264f523cb23d71d Mon Sep 17 00:00:00 2001
	From: Jiri Olsa <jolsa@kernel.org>
	Date: Fri, 18 Jan 2019 13:58:17 +0100
	Subject: bpftool: Fix prog dump by tag

	[ Upstream commit 752bcf80f5549c9901b2e8bc77b2138de55b1026 ]

	Lance reported an issue with bpftool not being able to
	dump program if there are more programs loaded and you
	want to dump any but the first program, like:

	# bpftool prog
	28: kprobe name trace_req_start tag 1dfc28ba8b3dd597 gpl
	loaded_at 2019-01-18T17:02:40+1100 uid 0
	xlated 112B jited 109B memlock 4096B map_ids 13
	29: kprobe name trace_req_compl tag 5b6a5ecc6030a683 gpl
	loaded_at 2019-01-18T17:02:40+1100 uid 0
	xlated 928B jited 575B memlock 4096B map_ids 13,14
	# bpftool prog dum jited tag 1dfc28ba8b3dd597
	0: push %rbp
	1: mov %rsp,%rbp
	...

	# bpftool prog dum jited tag 5b6a5ecc6030a683
	Error: can't get prog info (29): Bad address

	The problem is in the prog_fd_by_tag function not cleaning
	the struct bpf_prog_info before another request, so the
	previous program length is still in there and kernel assumes
	it needs to dump the program, which fails because there's no
	user pointer set.

	Moving the struct bpf_prog_info declaration into the loop,
	so it gets cleaned before each query.

	Fixes: 71bb428fe2c1 ("tools: bpf: add bpftool")
	Reported-by: Lance Digby <ldigby@redhat.com>
	Signed-off-by: Jiri Olsa <jolsa@kernel.org>
	Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
	Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
	Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
	Signed-off-by: Sasha Levin <sashal@kernel.org>
	---
	tools/bpf/bpftool/prog.c \| 5 +++--
	1 file changed, 3 insertions(+), 2 deletions(-)

	diff --git a/tools/bpf/bpftool/prog.c b/tools/bpf/bpftool/prog.c
	index 0de024a6cc2b..bbba0d61570f 100644
	--- a/tools/bpf/bpftool/prog.c
	+++ b/tools/bpf/bpftool/prog.c
	@@ -109,13 +109,14 @@ static void print_boot_time(__u64 nsecs, char *buf, unsigned int size)

	static int prog_fd_by_tag(unsigned char *tag)
	{
	- struct bpf_prog_info info = {};
	- __u32 len = sizeof(info);
	unsigned int id = 0;
	int err;
	int fd;

	while (true) {
	+ struct bpf_prog_info info = {};
	+ __u32 len = sizeof(info);
	+
	err = bpf_prog_get_next_id(id, &id);
	if (err) {
	p_err("%s", strerror(errno));
	--
	2.19.1