bpf: fix rcu annotations in compute_effective_progs()
authorRoman Gushchin <guro@fb.com>
Fri, 13 Jul 2018 19:41:11 +0000 (12:41 -0700)
committerDaniel Borkmann <daniel@iogearbox.net>
Wed, 18 Jul 2018 13:01:54 +0000 (15:01 +0200)
The progs local variable in compute_effective_progs() is marked
as __rcu, which is not correct. This is a local pointer, which
is initialized by bpf_prog_array_alloc(), which also now
returns a generic non-rcu pointer.

The real rcu-protected pointer is *array (array is a pointer
to an RCU-protected pointer), so the assignment should be performed
using rcu_assign_pointer().

Fixes: 324bda9e6c5a ("bpf: multi program support for cgroup+bpf")
Signed-off-by: Roman Gushchin <guro@fb.com>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
kernel/bpf/cgroup.c

index 3d83ee7df381b1def956b5e645376451d797440e..badabb0b435cb72747a4065b6d8c62c7c3419a2d 100644 (file)
@@ -95,7 +95,7 @@ static int compute_effective_progs(struct cgroup *cgrp,
                                   enum bpf_attach_type type,
                                   struct bpf_prog_array __rcu **array)
 {
-       struct bpf_prog_array __rcu *progs;
+       struct bpf_prog_array *progs;
        struct bpf_prog_list *pl;
        struct cgroup *p = cgrp;
        int cnt = 0;
@@ -120,13 +120,12 @@ static int compute_effective_progs(struct cgroup *cgrp,
                                            &p->bpf.progs[type], node) {
                                if (!pl->prog)
                                        continue;
-                               rcu_dereference_protected(progs, 1)->
-                                       progs[cnt++] = pl->prog;
+                               progs->progs[cnt++] = pl->prog;
                        }
                p = cgroup_parent(p);
        } while (p);
 
-       *array = progs;
+       rcu_assign_pointer(*array, progs);
        return 0;
 }