]> git.ipfire.org Git - thirdparty/linux.git/commitdiff
projects / thirdparty / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d2f7bd0)
libbpf: Skip endianness swap when loader generation failed
authorDaniel Borkmann <daniel@iogearbox.net>
Fri, 29 May 2026 16:28:29 +0000 (18:28 +0200)
committerAlexei Starovoitov <ast@kernel.org>
Mon, 1 Jun 2026 00:48:27 +0000 (17:48 -0700)
bpf_gen__prog_load() byte-swaps the program insns and the {func,line}_info
and CO-RE relo blobs in place for cross-endian targets. The blob offsets
come from add_data(), which returns 0 on failure: realloc_data_buf() either
frees and NULLs gen->data_start (realloc OOM) or returns early on an
already-latched gen->error, leaving a stale, possibly too-small buffer.

Neither bswap site checked for this. With gen->swapped_endian set and a
failed generation, "gen->data_start + off" becomes NULL + 0. Guard the
same way via !gen->error so they are skipped once generation has failed.

Fixes: 8ca3323dce43 ("libbpf: Support creating light skeleton of either endianness")
Reported-by: sashiko <sashiko@sashiko.dev>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/r/20260529162829.315921-1-daniel@iogearbox.net
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
tools/lib/bpf/gen_loader.c patch | blob | blame | history

diff --git a/tools/lib/bpf/gen_loader.c b/tools/lib/bpf/gen_loader.c
index 492360ca07ea393762a8f7e8071ec79b7dd7d76c..3702c5944bc02f91ee7374bee435f65c5d205f78 100644 (file)
--- a/tools/lib/bpf/gen_loader.c
+++ b/tools/lib/bpf/gen_loader.c
@@ -1054,7 +1054,7 @@ void bpf_gen__prog_load(struct bpf_gen *gen,
                 prog_idx, prog_type, insns_off, insn_cnt, license_off);
 
        /* convert blob insns to target endianness */
-       if (gen->swapped_endian) {
+       if (gen->swapped_endian && !gen->error) {
                struct bpf_insn *insn = gen->data_start + insns_off;
                int i;
 
@@ -1092,7 +1092,7 @@ void bpf_gen__prog_load(struct bpf_gen *gen,
                 sizeof(struct bpf_core_relo));
 
        /* convert all info blobs to target endianness */
-       if (gen->swapped_endian)
+       if (gen->swapped_endian && !gen->error)
                info_blob_bswap(gen, func_info, line_info, core_relos, load_attr);
 
        libbpf_strlcpy(attr.prog_name, prog_name, sizeof(attr.prog_name));
A mirror of Linus' kernel repository