hulk inclusion category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBIADD CVE: CVE-2024-47794 -------------------------------- Fix kabi breakage in struct bpf_prog_aux by using KABI_FILL_HOLE and KABI_USE. Fixes: cb11bb8d80fe ("bpf: Prevent tailcall infinite loop caused by freplace") Signed-off-by: Tengda Wu <wutengda2@huawei.com> --- include/linux/bpf.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 860472ddd54c..8b38934dd834 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -1468,6 +1468,7 @@ struct bpf_prog_aux { u32 ctx_arg_info_size; u32 max_rdonly_access; u32 max_rdwr_access; + KABI_FILL_HOLE(bool is_extended) /* true if extended by freplace program */ struct btf *attach_btf; const struct bpf_ctx_arg_aux *ctx_arg_info; struct mutex dst_mutex; /* protects dst_* pointers below, *after* prog becomes visible */ @@ -1483,9 +1484,6 @@ struct bpf_prog_aux { bool sleepable; bool tail_call_reachable; bool xdp_has_frags; - bool is_extended; /* true if extended by freplace program */ - u64 prog_array_member_cnt; /* counts how many times as member of prog_array */ - struct mutex ext_mutex; /* mutex for is_extended and prog_array_member_cnt */ /* BTF_KIND_FUNC_PROTO for valid attach_btf_id */ const struct btf_type *attach_func_proto; /* function name for valid attach_btf_id */ @@ -1545,11 +1543,15 @@ struct bpf_prog_aux { struct rcu_head rcu; }; - KABI_RESERVE(1) + KABI_USE(1, u64 prog_array_member_cnt) /* counts how many times as member of prog_array */ +#ifdef __GENKSYMS__ KABI_RESERVE(2) KABI_RESERVE(3) KABI_RESERVE(4) KABI_RESERVE(5) +#else + struct mutex ext_mutex; /* mutex for is_extended and prog_array_member_cnt */ +#endif KABI_RESERVE(6) KABI_RESERVE(7) KABI_RESERVE(8) -- 2.34.1