From 9be90f8a74de26de16a5cb79206f027d0cbed377 Mon Sep 17 00:00:00 2001 From: Michal Rostecki <vadorovsky@gmail.com> Date: Thu, 26 May 2022 17:53:46 +0200 Subject: [PATCH] ebpf: Ensure the bounds of log buffer eBPF verifier rejects programs which are not checking the bounds of the log buffer before writing any arguments. This change ensures that written log arguments. In practice, it means that doing this kind of checks is not going to be needed in eBPF program code anymore: https://github.com/alessandrod/aya-echo-tracepoint/blob/33a1aee2eaa7503615a444ffa574dfba2be943f9/echo-ebpf/src/main.rs#L47 Tested on: https://github.com/vadorovsky/aya-echo-tracepoint/tree/876f8b45511d0818b683de9a2196e8103b92e1a7 Signed-off-by: Michal Rostecki <vadorovsky@gmail.com> --- ebpf/aya-log-ebpf-macros/src/expand.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ebpf/aya-log-ebpf-macros/src/expand.rs b/ebpf/aya-log-ebpf-macros/src/expand.rs index 5ff93aac..f0cfc62e 100644 --- a/ebpf/aya-log-ebpf-macros/src/expand.rs +++ b/ebpf/aya-log-ebpf-macros/src/expand.rs @@ -92,6 +92,9 @@ pub(crate) fn log(args: LogArgs, level: Option<TokenStream>) -> Result<TokenStre let write_args = quote! {{ use ::aya_log_ebpf::WriteToBuf; Ok::<_, ()>(record_len) #( .and_then(|record_len| { + if record_len >= buf.buf.len() { + return Err(()); + } { #formatting_exprs }.write(&mut buf.buf[record_len..]).map(|len| record_len + len) }) )* }};