Re: [PATCH bpf-next v10 4/8] bpf: Add syscall common attributes support for prog_load
From: Andrii Nakryiko <hidden>
Date: 2026-02-11 22:08:46
Also in:
bpf, linux-kselftest, lkml
On Wed, Feb 11, 2026 at 7:13 AM Leon Hwang [off-list ref] wrote:
quoted hunk ↗ jump to hunk
BPF_PROG_LOAD can now take log parameters from both union bpf_attr and struct bpf_common_attr. The merge rules are: - if both sides provide a complete log tuple (buf/size/level) and they match, use it; - if only one side provides log parameters, use that one; - if both sides provide complete tuples but they differ, return -EINVAL. Signed-off-by: Leon Hwang <redacted> --- include/linux/bpf_verifier.h | 3 ++- kernel/bpf/log.c | 31 ++++++++++++++++++++++++++++++- kernel/bpf/syscall.c | 2 +- 3 files changed, 33 insertions(+), 3 deletions(-)diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index dbd9bdb955b3..34f28d40022a 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h@@ -643,7 +643,8 @@ struct bpf_log_attr { }; int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, u32 log_level, - u32 __user *log_true_size); + u32 __user *log_true_size, struct bpf_common_attr *common, bpfptr_t uattr, + u32 size); int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log *log); #define BPF_MAX_SUBPROGS 256diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c index e31747b84fe2..a2b41bf5e9cb 100644 --- a/kernel/bpf/log.c +++ b/kernel/bpf/log.c@@ -864,14 +864,43 @@ void print_insn_state(struct bpf_verifier_env *env, const struct bpf_verifier_st print_verifier_state(env, vstate, frameno, false); } +static bool bpf_log_attrs_set(u64 log_buf, u32 log_size, u32 log_level) +{ + return log_buf && log_size && log_level; +} + +static bool bpf_log_attrs_diff(struct bpf_common_attr *common, u64 log_buf, u32 log_size, + u32 log_level) +{ + return bpf_log_attrs_set(log_buf, log_size, log_level) && + bpf_log_attrs_set(common->log_buf, common->log_size, common->log_level) && + (log_buf != common->log_buf || log_size != common->log_size || + log_level != common->log_level); +} +
I'm not sure this check is doing what we discussed previously?... If
log_buf is set, but log_size or log_level is zero, you'll just ignore
log_buf here...
Maybe let's keep it super simple:
if (log_buf && common->log_buf && log_buf != common->log_buf)
return -EINVAL;
/* same for log_size, log_level, log_true_size */
and then below just
log->log_buf = u64_to_user_ptr(log_buf ?: common->log_buf);
log->log_size = log_size ?: common->log_size;
and so on
We can be stricter than that, of course (as in, all triplets have to
be completely set in either/both common_attr and attr, and they should
completely match), but it's just more code for little benefit.
int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, u32 log_level,
- u32 __user *log_true_size)
+ u32 __user *log_true_size, struct bpf_common_attr *common, bpfptr_t uattr,
+ u32 size)
{
+ if (bpf_log_attrs_diff(common, log_buf, log_size, log_level))
+ return -EINVAL;
+
memset(log, 0, sizeof(*log));
log->log_buf = u64_to_user_ptr(log_buf);
log->log_size = log_size;
log->log_level = log_level;
log->log_true_size = log_true_size;
+
+ if (!log_buf && common->log_buf) {
+ log->log_buf = u64_to_user_ptr(common->log_buf);
+ log->log_size = common->log_size;
+ log->log_level = common->log_level;
+ if (size >= offsetofend(struct bpf_common_attr, log_true_size))
+ log->log_true_size = uattr.user +
+ offsetof(struct bpf_common_attr, log_true_size);
+ else
+ log->log_true_size = NULL;why not treat log_true_size same as log_buf/log_level/log_size? If both are provided, they should match, and then we don't have a possibility of inconsistency?
quoted hunk ↗ jump to hunk
+ } return 0; }diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index e86674811996..17116603ff51 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c@@ -6247,7 +6247,7 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, if (from_user && size >= offsetofend(union bpf_attr, log_true_size)) log_true_size = uattr.user + offsetof(union bpf_attr, log_true_size); err = bpf_log_attr_init(&attr_log, attr.log_buf, attr.log_size, attr.log_level, - log_true_size); + log_true_size, &attr_common, uattr_common, size_common); err = err ?: bpf_prog_load(&attr, uattr, &attr_log); break; case BPF_OBJ_PIN: --2.52.0