diff options
| author |   Jakub Kicinski <jakub.kicinski@netronome.com> | 2017-10-09 10:30:15 -0700 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2017-10-10 12:30:16 -0700 |
| commit | a2a7d5701052542cd2260e7659b12443e0a74733 (patch) | |
| tree | f879063be29de0e6d7435759db62f0157c7773ff /include/linux/bpf_verifier.h | |
| parent | bpf: don't rely on the verifier lock for metadata_dst allocation (diff) | |
| download | linux-dev-a2a7d5701052542cd2260e7659b12443e0a74733.tar.xz linux-dev-a2a7d5701052542cd2260e7659b12443e0a74733.zip | |
bpf: write back the verifier log buffer as it gets filled
Verifier log buffer can be quite large (up to 16MB currently).
As Eric Dumazet points out if we allow multiple verification
requests to proceed simultaneously, malicious user may use the
verifier as a way of allocating large amounts of unswappable
memory to OOM the host.
Switch to a strategy of allocating a smaller buffer (1024B)
and writing it out into the user buffer after every print.
While at it remove the old BUG_ON().
This is in preparation of the global verifier lock removal.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/bpf_verifier.h')
| -rw-r--r-- | include/linux/bpf_verifier.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index 5ddb9a626a51..f00ef751c1c5 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -115,9 +115,11 @@ struct bpf_insn_aux_data { #define MAX_USED_MAPS 64 /* max number of maps accessed by one eBPF program */ +#define BPF_VERIFIER_TMP_LOG_SIZE 1024 + struct bpf_verifer_log { u32 level; - char *kbuf; + char kbuf[BPF_VERIFIER_TMP_LOG_SIZE]; char __user *ubuf; u32 len_used; u32 len_total; |