network/sysctl-monitor: change variable type to avoid preverifier denial

The compiler clones the u32 i variable to another register, and fails to
calculate the range of possible values, so the verification fails.

    libbpf: prog 'sysctl_monitor': BPF program load failed: Permission denied
    libbpf: prog 'sysctl_monitor': -- BEGIN PROG LOAD LOG --
    0: R1=ctx() R10=fp0
    ; int sysctl_monitor(struct bpf_sysctl *ctx) { @ sysctl-monitor.bpf.c:65
    0: (bf) r6 = r1                       ; R1=ctx() R6_w=ctx()
    ; if (bpf_current_task_under_cgroup(&cgroup_map, 0)) @ sysctl-monitor.bpf.c:69
    1: (18) r1 = 0xffff892a0fda9c00       ; R1_w=map_ptr(map=cgroup_map,ks=4,vs=4)
    3: (b7) r2 = 0                        ; R2_w=0
    4: (85) call bpf_current_task_under_cgroup#37         ; R0_w=scalar()
    5: (55) if r0 != 0x0 goto pc+88       ; R0_w=0
    ; if (!ctx->write) @ sysctl-monitor.bpf.c:73
    6: (61) r1 = *(u32 *)(r6 +0)          ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_w=ctx()
    7: (15) if r1 == 0x0 goto pc+86       ; R1_w=scalar(smin=umin=umin32=1,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
    8: (b7) r1 = 1                        ; R1_w=1
    ; we.version = 1; @ sysctl-monitor.bpf.c:81
    9: (7b) *(u64 *)(r10 -480) = r1       ; R1_w=1 R10=fp0 fp-480_w=1
    10: (b7) r8 = 0                       ; R8_w=0
    ; we.path[0] = 0; @ sysctl-monitor.bpf.c:83
    11: (73) *(u8 *)(r10 -440) = r8       ; R8_w=0 R10=fp0 fp-440=???????0
    ; we.newvalue[0] = 0; @ sysctl-monitor.bpf.c:86
    12: (73) *(u8 *)(r10 -180) = r8       ; R8_w=0 R10=fp0 fp-184=???0????
    ; we.current[0] = 0; @ sysctl-monitor.bpf.c:85
    13: (73) *(u8 *)(r10 -340) = r8       ; R8_w=0 R10=fp0 fp-344=???0????
    ; we.comm[0] = 0; @ sysctl-monitor.bpf.c:84
    14: (73) *(u8 *)(r10 -456) = r8       ; R8_w=0 R10=fp0 fp-456=???????0
    ; we.pid = bpf_get_current_pid_tgid() >> 32; @ sysctl-monitor.bpf.c:89
    15: (85) call bpf_get_current_pid_tgid#14     ; R0=scalar()
    16: (77) r0 >>= 32                    ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
    17: (63) *(u32 *)(r10 -472) = r0      ; R0_w=scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-472=????scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
    ; we.cgroup_id = bpf_get_current_cgroup_id(); @ sysctl-monitor.bpf.c:90
    18: (85) call bpf_get_current_cgroup_id#80    ; R0_w=s
    libbpf: prog 'sysctl_monitor': failed to load: -13
    libbpf: failed to load object 'sysctl_monitor_bpf'
    libbpf: failed to load BPF skeleton 'sysctl_monitor_bpf': -13
    Unable to load sysctl monitor BPF program, ignoring: Permission denied.

Change the type to u64 to fix it.

diff --git a/src/network/bpf/sysctl_monitor/sysctl-monitor.bpf.c b/src/network/bpf/sysctl_monitor/sysctl-monitor.bpf.c
index e0ec8489d21bec4262fa59c85de95acb2ca703a5..38183605a2873a6ea2138e2b688a42ba61485368 100644 (file)
--- a/src/network/bpf/sysctl_monitor/sysctl-monitor.bpf.c
+++ b/src/network/bpf/sysctl_monitor/sysctl-monitor.bpf.c
@@ -33,7 +33,7 @@ struct str {
         size_t l;
 };
 
-static long cut_last(u32 i, struct str *str) {
+static long cut_last(u64 i, struct str *str) {
         char *s;
 
         /* Sanity check for the preverifier */