On Tue, Jul 1, 2025 at 11:17 PM Kumar Kartikeya Dwivedi
<memxor@xxxxxxxxx> wrote:
>
> Add a warning to ensure RCU lock is held around tree lookup, and then
> fix one of the invocations in bpf_stack_walker. The program has an
> active stack frame and won't disappear. Use the opportunity to remove
> unneeded invocation of is_bpf_text_address.
>
> Fixes: f18b03fabaa9 ("bpf: Implement BPF exceptions")
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
> ---
> kernel/bpf/core.c | 5 ++++-
> kernel/bpf/helpers.c | 11 +++++++++--
> 2 files changed, 13 insertions(+), 3 deletions(-)
>
Reviewed-by: Emil Tsalapatis <emil@xxxxxxxxxxxxxxx>
> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index 5c6e9fbb5508..b4203f68cf33 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
> @@ -782,7 +782,10 @@ bool is_bpf_text_address(unsigned long addr)
>
> struct bpf_prog *bpf_prog_ksym_find(unsigned long addr)
> {
> - struct bpf_ksym *ksym = bpf_ksym_find(addr);
> + struct bpf_ksym *ksym;
> +
> + WARN_ON_ONCE(!rcu_read_lock_held());
> + ksym = bpf_ksym_find(addr);
>
> return ksym && ksym->prog ?
> container_of(ksym, struct bpf_prog_aux, ksym)->prog :
> diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
> index 61fdd343d6f5..659b5d133f3e 100644
> --- a/kernel/bpf/helpers.c
> +++ b/kernel/bpf/helpers.c
> @@ -2935,9 +2935,16 @@ static bool bpf_stack_walker(void *cookie, u64 ip, u64 sp, u64 bp)
> struct bpf_throw_ctx *ctx = cookie;
> struct bpf_prog *prog;
>
> - if (!is_bpf_text_address(ip))
> - return !ctx->cnt;
> + /*
> + * The RCU read lock is held to safely traverse the latch tree, but we
> + * don't need its protection when accessing the prog, since it has an
> + * active stack frame on the current stack trace, and won't disappear.
> + */
> + rcu_read_lock();
> prog = bpf_prog_ksym_find(ip);
> + rcu_read_unlock();
> + if (!prog)
> + return !ctx->cnt;
> ctx->cnt++;
> if (bpf_is_subprog(prog))
> return true;
> --
> 2.47.1
>
