From 9be90f8a74de26de16a5cb79206f027d0cbed377 Mon Sep 17 00:00:00 2001
From: Michal Rostecki <vadorovsky@gmail.com>
Date: Thu, 26 May 2022 17:53:46 +0200
Subject: [PATCH] ebpf: Ensure the bounds of log buffer

eBPF verifier rejects programs which are not checking the bounds of the
log buffer before writing any arguments. This change ensures that
written log arguments.

In practice, it means that doing this kind of checks is not going to be
needed in eBPF program code anymore:

https://github.com/alessandrod/aya-echo-tracepoint/blob/33a1aee2eaa7503615a444ffa574dfba2be943f9/echo-ebpf/src/main.rs#L47

Tested on:

https://github.com/vadorovsky/aya-echo-tracepoint/tree/876f8b45511d0818b683de9a2196e8103b92e1a7

Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
---
 ebpf/aya-log-ebpf-macros/src/expand.rs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ebpf/aya-log-ebpf-macros/src/expand.rs b/ebpf/aya-log-ebpf-macros/src/expand.rs
index 5ff93aac..f0cfc62e 100644
--- a/ebpf/aya-log-ebpf-macros/src/expand.rs
+++ b/ebpf/aya-log-ebpf-macros/src/expand.rs
@@ -92,6 +92,9 @@ pub(crate) fn log(args: LogArgs, level: Option<TokenStream>) -> Result<TokenStre
             let write_args = quote! {{
                 use ::aya_log_ebpf::WriteToBuf;
                 Ok::<_, ()>(record_len) #( .and_then(|record_len| {
+                    if record_len >= buf.buf.len() {
+                        return Err(());
+                    }
                     { #formatting_exprs }.write(&mut buf.buf[record_len..]).map(|len| record_len + len)
                 }) )*
             }};