 
From: Tengda Wu <wutengda2@huawei.com>
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9QG81
CVE: CVE-2024-35860
--------------------------------
After backport LTS commit 777a1adfea1c ("[Backport] bpf: support deferring bpf_link dealloc to after RCU grace period"), `bpf_link` and `bpf_link_ops` structures have changed, causing kabi breakage. Use KABI_REPLACE and KABI_USE to fix kabi breakage in struct `bpf_link` and struct `bpf_link_ops`.
Fixes: 1a1260f3db15 ("bpf: support deferring bpf_link dealloc to after RCU grace period")
Signed-off-by: Tengda Wu <wutengda2@huawei.com>
Signed-off-by: Pu Lehui <pulehui@huawei.com>
---
 include/linux/bpf.h | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index b11095aaa684..8c4c2c39a6c1 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -1585,10 +1585,10 @@ struct bpf_link {
  /* rcu is used before freeing, work can be used to schedule that
  * RCU-based freeing before that, so they never overlap
  */
- union {
+ KABI_REPLACE(struct work_struct work, union {
  struct rcu_head rcu;
  struct work_struct work;
- };
+ })

  KABI_RESERVE(1)
  KABI_RESERVE(2)
@@ -1602,11 +1602,6 @@ struct bpf_link_ops {
  * waiting
  */
  void (*dealloc)(struct bpf_link *link);
- /* deallocate link resources callback, called after RCU grace period;
- * if underlying BPF program is sleepable we go through tasks trace
- * RCU GP and then "classic" RCU GP
- */
- void (*dealloc_deferred)(struct bpf_link *link);
  int (*detach)(struct bpf_link *link);
  int (*update_prog)(struct bpf_link *link, struct bpf_prog *new_prog,
  struct bpf_prog *old_prog);
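Review bot: In the `struct bpf_link` hunk, the comment above `KABI_REPLACE(struct work_struct work, union {` only explains why `rcu` and `work` never overlap; it does not say that the union now has to fit the storage of the original `work` member. The layout stays binary-compatible only while `struct rcu_head` is no larger and no more strictly aligned than `struct work_struct`, and whether `KABI_REPLACE` enforces that at build time cannot be seen from this patch. I would add a line to the comment such as `* kABI: the union reuses the slot of the original 'work' member and must not outgrow it`. The struct body starts and ends outside the hunk.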
@@ -1616,7 +1611,11 @@ struct bpf_link_ops {
  int (*update_map)(struct bpf_link *link, struct bpf_map *new_map,
  struct bpf_map *old_map);

- KABI_RESERVE(1)
+ /* deallocate link resources callback, called after RCU grace period;
+ * if underlying BPF program is sleepable we go through tasks trace
+ * RCU GP and then "classic" RCU GP
+ */
+ KABI_USE(1, void (*dealloc_deferred)(struct bpf_link *link))
  KABI_RESERVE(2)
  KABI_RESERVE(3)
  KABI_RESERVE(4)
--
2.34.1
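Review bot: The comment moved onto `KABI_USE(1, void (*dealloc_deferred)(struct bpf_link *link))` does not say that this pointer can be NULL. An ops table built against the pre-backport header leaves reserved slot 1 unset (presumably zero for a static table), so the core has to test the pointer and fall back to `dealloc`; the call sites are not part of this patch and should be checked. Modules built against the intermediate layout, where `dealloc_deferred` sat directly after `dealloc`, would see every later callback shifted by one slot and likely need a rebuild. I would extend the comment with `* kABI: occupies reserved slot 1; may be NULL for ops tables built against the older layout`. The struct body starts outside the hunk.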