From 5c79165bb23563d264cfbc14ebf41a86f21fc126 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= Date: Wed, 3 Aug 2022 23:49:08 +0000 Subject: [PATCH] require a bpf program definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit (it should always be present with current tooling) Test: TreeHugger Signed-off-by: Maciej Żenczykowski Change-Id: Ib7ec357cc63d8db251abdf7f7d4b41bb2aabe104 --- libbpf_android/Loader.cpp | 56 +++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/libbpf_android/Loader.cpp b/libbpf_android/Loader.cpp index d987f2e..4c0f5c7 100644 --- a/libbpf_android/Loader.cpp +++ b/libbpf_android/Loader.cpp @@ -995,33 +995,35 @@ static int loadCodeSections(const char* elfPath, vector& cs, const unsigned kvers = kernelVersion(); int ret, fd; - if (!kvers) return -1; + if (!kvers) { + ALOGE("unable to get kernel version"); + return -EINVAL; + } string objName = pathToObjName(string(elfPath)); for (int i = 0; i < (int)cs.size(); i++) { string name = cs[i].name; - unsigned bpfMinVer = DEFAULT_BPFLOADER_MIN_VER; // v0.0 - unsigned bpfMaxVer = DEFAULT_BPFLOADER_MAX_VER; // v1.0 - domain selinux_context = domain::unspecified; - domain pin_subdir = domain::unspecified; - if (cs[i].prog_def.has_value()) { - unsigned min_kver = cs[i].prog_def->min_kver; - unsigned max_kver = cs[i].prog_def->max_kver; - ALOGD("cs[%d].name:%s min_kver:%x .max_kver:%x (kvers:%x)", i, name.c_str(), min_kver, - max_kver, kvers); - if (kvers < min_kver) continue; - if (kvers >= max_kver) continue; - - bpfMinVer = cs[i].prog_def->bpfloader_min_ver; - bpfMaxVer = cs[i].prog_def->bpfloader_max_ver; - selinux_context = getDomainFromSelinuxContext(cs[i].prog_def->selinux_context); - pin_subdir = getDomainFromPinSubdir(cs[i].prog_def->pin_subdir); - // Note: make sure to only check for unrecognized *after* verifying bpfloader - // version limits include this bpfloader's version. + if (!cs[i].prog_def.has_value()) { + ALOGE("[%d] '%s' missing program definition! bad bpf.o build?", i, name.c_str()); + return -EINVAL; } + unsigned min_kver = cs[i].prog_def->min_kver; + unsigned max_kver = cs[i].prog_def->max_kver; + ALOGD("cs[%d].name:%s min_kver:%x .max_kver:%x (kvers:%x)", i, name.c_str(), min_kver, + max_kver, kvers); + if (kvers < min_kver) continue; + if (kvers >= max_kver) continue; + + unsigned bpfMinVer = cs[i].prog_def->bpfloader_min_ver; + unsigned bpfMaxVer = cs[i].prog_def->bpfloader_max_ver; + domain selinux_context = getDomainFromSelinuxContext(cs[i].prog_def->selinux_context); + domain pin_subdir = getDomainFromPinSubdir(cs[i].prog_def->pin_subdir); + // Note: make sure to only check for unrecognized *after* verifying bpfloader + // version limits include this bpfloader's version. + ALOGD("cs[%d].name:%s requires bpfloader version [0x%05x,0x%05x)", i, name.c_str(), bpfMinVer, bpfMaxVer); if (BPFLOADER_VERSION < bpfMinVer) continue; @@ -1089,7 +1091,7 @@ static int loadCodeSections(const char* elfPath, vector& cs, const for (const auto& line : lines) ALOGW("%s", line.c_str()); ALOGW("bpf_prog_load - END log_buf contents."); - if (cs[i].prog_def.has_value() && cs[i].prog_def->optional) { + if (cs[i].prog_def->optional) { ALOGW("failed program is marked optional - continuing..."); continue; } @@ -1130,14 +1132,12 @@ static int loadCodeSections(const char* elfPath, vector& cs, const ALOGE("chmod %s 0440 -> [%d:%s]", progPinLoc.c_str(), err, strerror(err)); return -err; } - if (cs[i].prog_def.has_value()) { - if (chown(progPinLoc.c_str(), (uid_t)cs[i].prog_def->uid, - (gid_t)cs[i].prog_def->gid)) { - int err = errno; - ALOGE("chown %s %d %d -> [%d:%s]", progPinLoc.c_str(), cs[i].prog_def->uid, - cs[i].prog_def->gid, err, strerror(err)); - return -err; - } + if (chown(progPinLoc.c_str(), (uid_t)cs[i].prog_def->uid, + (gid_t)cs[i].prog_def->gid)) { + int err = errno; + ALOGE("chown %s %d %d -> [%d:%s]", progPinLoc.c_str(), cs[i].prog_def->uid, + cs[i].prog_def->gid, err, strerror(err)); + return -err; } }