Skip to content

Commit ad46061

Browse files
Jakub Kicinskiborkmann
Jakub Kicinski
authored and
borkmann
committed
bpf: arraymap: move checks out of alloc function
Use the new callback to perform allocation checks for array maps. The fd maps don't need a special allocation callback, they only need a special check callback. Signed-off-by: Jakub Kicinski <[email protected]> Reviewed-by: Quentin Monnet <[email protected]> Signed-off-by: Daniel Borkmann <[email protected]>
1 parent 0c91c42 commit ad46061

File tree

1 file changed

+28
-14
lines changed

1 file changed

+28
-14
lines changed

kernel/bpf/arraymap.c

Lines changed: 28 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -49,27 +49,35 @@ static int bpf_array_alloc_percpu(struct bpf_array *array)
4949
}
5050

5151
/* Called from syscall */
52-
static struct bpf_map *array_map_alloc(union bpf_attr *attr)
52+
static int array_map_alloc_check(union bpf_attr *attr)
5353
{
5454
bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY;
5555
int numa_node = bpf_map_attr_numa_node(attr);
56-
u32 elem_size, index_mask, max_entries;
57-
bool unpriv = !capable(CAP_SYS_ADMIN);
58-
struct bpf_array *array;
59-
u64 array_size, mask64;
6056

6157
/* check sanity of attributes */
6258
if (attr->max_entries == 0 || attr->key_size != 4 ||
6359
attr->value_size == 0 ||
6460
attr->map_flags & ~ARRAY_CREATE_FLAG_MASK ||
6561
(percpu && numa_node != NUMA_NO_NODE))
66-
return ERR_PTR(-EINVAL);
62+
return -EINVAL;
6763

6864
if (attr->value_size > KMALLOC_MAX_SIZE)
6965
/* if value_size is bigger, the user space won't be able to
7066
* access the elements.
7167
*/
72-
return ERR_PTR(-E2BIG);
68+
return -E2BIG;
69+
70+
return 0;
71+
}
72+
73+
static struct bpf_map *array_map_alloc(union bpf_attr *attr)
74+
{
75+
bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY;
76+
int numa_node = bpf_map_attr_numa_node(attr);
77+
u32 elem_size, index_mask, max_entries;
78+
bool unpriv = !capable(CAP_SYS_ADMIN);
79+
struct bpf_array *array;
80+
u64 array_size, mask64;
7381

7482
elem_size = round_up(attr->value_size, 8);
7583

@@ -327,6 +335,7 @@ static void array_map_free(struct bpf_map *map)
327335
}
328336

329337
const struct bpf_map_ops array_map_ops = {
338+
.map_alloc_check = array_map_alloc_check,
330339
.map_alloc = array_map_alloc,
331340
.map_free = array_map_free,
332341
.map_get_next_key = array_map_get_next_key,
@@ -337,6 +346,7 @@ const struct bpf_map_ops array_map_ops = {
337346
};
338347

339348
const struct bpf_map_ops percpu_array_map_ops = {
349+
.map_alloc_check = array_map_alloc_check,
340350
.map_alloc = array_map_alloc,
341351
.map_free = array_map_free,
342352
.map_get_next_key = array_map_get_next_key,
@@ -345,12 +355,12 @@ const struct bpf_map_ops percpu_array_map_ops = {
345355
.map_delete_elem = array_map_delete_elem,
346356
};
347357

348-
static struct bpf_map *fd_array_map_alloc(union bpf_attr *attr)
358+
static int fd_array_map_alloc_check(union bpf_attr *attr)
349359
{
350360
/* only file descriptors can be stored in this type of map */
351361
if (attr->value_size != sizeof(u32))
352-
return ERR_PTR(-EINVAL);
353-
return array_map_alloc(attr);
362+
return -EINVAL;
363+
return array_map_alloc_check(attr);
354364
}
355365

356366
static void fd_array_map_free(struct bpf_map *map)
@@ -474,7 +484,8 @@ void bpf_fd_array_map_clear(struct bpf_map *map)
474484
}
475485

476486
const struct bpf_map_ops prog_array_map_ops = {
477-
.map_alloc = fd_array_map_alloc,
487+
.map_alloc_check = fd_array_map_alloc_check,
488+
.map_alloc = array_map_alloc,
478489
.map_free = fd_array_map_free,
479490
.map_get_next_key = array_map_get_next_key,
480491
.map_lookup_elem = fd_array_map_lookup_elem,
@@ -561,7 +572,8 @@ static void perf_event_fd_array_release(struct bpf_map *map,
561572
}
562573

563574
const struct bpf_map_ops perf_event_array_map_ops = {
564-
.map_alloc = fd_array_map_alloc,
575+
.map_alloc_check = fd_array_map_alloc_check,
576+
.map_alloc = array_map_alloc,
565577
.map_free = fd_array_map_free,
566578
.map_get_next_key = array_map_get_next_key,
567579
.map_lookup_elem = fd_array_map_lookup_elem,
@@ -592,7 +604,8 @@ static void cgroup_fd_array_free(struct bpf_map *map)
592604
}
593605

594606
const struct bpf_map_ops cgroup_array_map_ops = {
595-
.map_alloc = fd_array_map_alloc,
607+
.map_alloc_check = fd_array_map_alloc_check,
608+
.map_alloc = array_map_alloc,
596609
.map_free = cgroup_fd_array_free,
597610
.map_get_next_key = array_map_get_next_key,
598611
.map_lookup_elem = fd_array_map_lookup_elem,
@@ -610,7 +623,7 @@ static struct bpf_map *array_of_map_alloc(union bpf_attr *attr)
610623
if (IS_ERR(inner_map_meta))
611624
return inner_map_meta;
612625

613-
map = fd_array_map_alloc(attr);
626+
map = array_map_alloc(attr);
614627
if (IS_ERR(map)) {
615628
bpf_map_meta_free(inner_map_meta);
616629
return map;
@@ -673,6 +686,7 @@ static u32 array_of_map_gen_lookup(struct bpf_map *map,
673686
}
674687

675688
const struct bpf_map_ops array_of_maps_map_ops = {
689+
.map_alloc_check = fd_array_map_alloc_check,
676690
.map_alloc = array_of_map_alloc,
677691
.map_free = array_of_map_free,
678692
.map_get_next_key = array_map_get_next_key,

0 commit comments

Comments
 (0)