• Paul Moore's avatar
    bpf: restore the ebpf program ID for BPF_AUDIT_UNLOAD and PERF_BPF_EVENT_PROG_UNLOAD · ef01f4e2
    Paul Moore authored
    When changing the ebpf program put() routines to support being called
    from within IRQ context the program ID was reset to zero prior to
    calling the perf event and audit UNLOAD record generators, which
    resulted in problems as the ebpf program ID was bogus (always zero).
    This patch addresses this problem by removing an unnecessary call to
    bpf_prog_free_id() in __bpf_prog_offload_destroy() and adjusting
    __bpf_prog_put() to only call bpf_prog_free_id() after audit and perf
    have finished their bpf program unload tasks in
    bpf_prog_put_deferred().  For the record, no one can determine, or
    remember, why it was necessary to free the program ID, and remove it
    from the IDR, prior to executing bpf_prog_put_deferred();
    regardless, both Stanislav and Alexei agree that the approach in this
    patch should be safe.
    
    It is worth noting that when moving the bpf_prog_free_id() call, the
    do_idr_lock parameter was forced to true as the ebpf devs determined
    this was the correct as the do_idr_lock should always be true.  The
    do_idr_lock parameter will be removed in a follow-up patch, but it
    was kept here to keep the patch small in an effort to ease any stable
    backports.
    
    I also modified the bpf_audit_prog() logic used to associate the
    AUDIT_BPF record with other associated records, e.g. @ctx != NULL.
    Instead of keying off the operation, it now keys off the execution
    context, e.g. '!in_irg && !irqs_disabled()', which is much more
    appropriate and should help better connect the UNLOAD operations with
    the associated audit state (other audit records).
    
    Cc: stable@vger.kernel.org
    Fixes: d809e134 ("bpf: Prepare bpf_prog_put() to be called from irq context.")
    Reported-by: default avatarBurn Alting <burn.alting@iinet.net.au>
    Reported-by: default avatarJiri Olsa <olsajiri@gmail.com>
    Suggested-by: default avatarStanislav Fomichev <sdf@google.com>
    Suggested-by: default avatarAlexei Starovoitov <alexei.starovoitov@gmail.com>
    Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
    Acked-by: default avatarStanislav Fomichev <sdf@google.com>
    Link: https://lore.kernel.org/r/20230106154400.74211-1-paul@paul-moore.comSigned-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    ef01f4e2
syscall.c 128 KB