Re: [PATCH bpf-next v10 3/8] bpf: Refactor reporting log_true_size for prog_load
From: Alexei Starovoitov <hidden>
Date: 2026-03-03 16:32:26
Also in:
bpf, linux-kselftest, lkml
On Wed, Feb 11, 2026 at 7:13 AM Leon Hwang [off-list ref] wrote:
quoted hunk ↗ jump to hunk
The next commit will add support for reporting logs via extended common attributes, including 'log_true_size'. To prepare for that, refactor the 'log_true_size' reporting logic by introducing a new struct bpf_log_attr to encapsulate log-related behavior: * bpf_log_attr_init(): initialize log fields, which will support extended common attributes in the next commit. * bpf_log_attr_finalize(): handle log finalization and write back 'log_true_size' to userspace. Signed-off-by: Leon Hwang <redacted> --- include/linux/bpf.h | 4 +++- include/linux/bpf_verifier.h | 11 +++++++++++ kernel/bpf/log.c | 25 +++++++++++++++++++++++++ kernel/bpf/syscall.c | 13 ++++++++++--- kernel/bpf/verifier.c | 17 ++++------------- 5 files changed, 53 insertions(+), 17 deletions(-)diff --git a/include/linux/bpf.h b/include/linux/bpf.h index cd9b96434904..d4dbcc7ad156 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h@@ -2913,7 +2913,9 @@ int bpf_check_uarg_tail_zero(bpfptr_t uaddr, size_t expected_size, size_t actual_size); /* verify correctness of eBPF program */ -int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size); +struct bpf_log_attr; +int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, bpfptr_t uattr, + struct bpf_log_attr *attr_log); #ifndef CONFIG_BPF_JIT_ALWAYS_ON void bpf_patch_call_args(struct bpf_insn *insn, u32 stack_depth);diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index ef8e45a362d9..dbd9bdb955b3 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h@@ -635,6 +635,17 @@ static inline bool bpf_verifier_log_needed(const struct bpf_verifier_log *log) return log && log->level; } +struct bpf_log_attr { + char __user *log_buf; + u32 log_size; + u32 log_level; + u32 __user *log_true_size; +}; + +int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, u32 log_level, + u32 __user *log_true_size); +int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log *log); + #define BPF_MAX_SUBPROGS 256 struct bpf_subprog_arg_info {diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c index a0c3b35de2ce..e31747b84fe2 100644 --- a/kernel/bpf/log.c +++ b/kernel/bpf/log.c@@ -863,3 +863,28 @@ void print_insn_state(struct bpf_verifier_env *env, const struct bpf_verifier_st } print_verifier_state(env, vstate, frameno, false); } + +int bpf_log_attr_init(struct bpf_log_attr *log, u64 log_buf, u32 log_size, u32 log_level, + u32 __user *log_true_size) +{ + memset(log, 0, sizeof(*log)); + log->log_buf = u64_to_user_ptr(log_buf); + log->log_size = log_size; + log->log_level = log_level; + log->log_true_size = log_true_size; + return 0; +} + +int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log *log) +{ + u32 log_true_size; + int err; + + err = bpf_vlog_finalize(log, &log_true_size); + + if (attr->log_true_size && copy_to_user(attr->log_true_size, &log_true_size, + sizeof(log_true_size))) + return -EFAULT; + + return err; +}diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 0e231c0b1d04..e86674811996 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c@@ -2867,7 +2867,7 @@ static int bpf_prog_mark_insn_arrays_ready(struct bpf_prog *prog) /* last field in 'union bpf_attr' used by this command */ #define BPF_PROG_LOAD_LAST_FIELD keyring_id -static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) +static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, struct bpf_log_attr *attr_log) { enum bpf_prog_type type = attr->prog_type; struct bpf_prog *prog, *dst_prog = NULL;@@ -3085,7 +3085,7 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) goto free_prog_sec; /* run eBPF verifier */ - err = bpf_check(&prog, attr, uattr, uattr_size); + err = bpf_check(&prog, attr, uattr, attr_log); if (err < 0) goto free_used_maps;@@ -6189,7 +6189,10 @@ static int prog_assoc_struct_ops(union bpf_attr *attr) static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, bpfptr_t uattr_common, unsigned int size_common) { + bool from_user = !bpfptr_is_kernel(uattr); struct bpf_common_attr attr_common; + u32 __user *log_true_size = NULL; + struct bpf_log_attr attr_log; union bpf_attr attr; int err;@@ -6241,7 +6244,11 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr, unsigned int size, err = map_freeze(&attr); break; case BPF_PROG_LOAD: - err = bpf_prog_load(&attr, uattr, size); + if (from_user && size >= offsetofend(union bpf_attr, log_true_size)) + log_true_size = uattr.user + offsetof(union bpf_attr, log_true_size);
So you added 'from_user' gating because you replaced copy_to_bpfptr_offset() with copy_to_user()? This is a drastic change in behavior and you don't even talk about it in the commit log. You said "refactor". This is not a refactoring! This is v10. The common_attr feature is useful, but you really need to think harder about what your patches are doing. pw-bot: cr