From 808575bf560d787317f78ffb163eb3398d651c98 Mon Sep 17 00:00:00 2001 From: Michal Rostecki Date: Thu, 26 May 2022 17:15:41 +0200 Subject: [PATCH 1/2] common: Bump the buffer size 1024 is too small for many kernel string limits (i.e. PATH_MAX, which is 4096). Signed-off-by: Michal Rostecki --- aya-log-common/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aya-log-common/src/lib.rs b/aya-log-common/src/lib.rs index b30fafc7..5a0bd419 100644 --- a/aya-log-common/src/lib.rs +++ b/aya-log-common/src/lib.rs @@ -1,6 +1,6 @@ #![no_std] -pub const LOG_BUF_CAPACITY: usize = 1024; +pub const LOG_BUF_CAPACITY: usize = 8192; pub const LOG_FIELDS: usize = 7; From 9be90f8a74de26de16a5cb79206f027d0cbed377 Mon Sep 17 00:00:00 2001 From: Michal Rostecki Date: Thu, 26 May 2022 17:53:46 +0200 Subject: [PATCH 2/2] ebpf: Ensure the bounds of log buffer eBPF verifier rejects programs which are not checking the bounds of the log buffer before writing any arguments. This change ensures that written log arguments. In practice, it means that doing this kind of checks is not going to be needed in eBPF program code anymore: https://github.com/alessandrod/aya-echo-tracepoint/blob/33a1aee2eaa7503615a444ffa574dfba2be943f9/echo-ebpf/src/main.rs#L47 Tested on: https://github.com/vadorovsky/aya-echo-tracepoint/tree/876f8b45511d0818b683de9a2196e8103b92e1a7 Signed-off-by: Michal Rostecki --- ebpf/aya-log-ebpf-macros/src/expand.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ebpf/aya-log-ebpf-macros/src/expand.rs b/ebpf/aya-log-ebpf-macros/src/expand.rs index 5ff93aac..f0cfc62e 100644 --- a/ebpf/aya-log-ebpf-macros/src/expand.rs +++ b/ebpf/aya-log-ebpf-macros/src/expand.rs @@ -92,6 +92,9 @@ pub(crate) fn log(args: LogArgs, level: Option) -> Result(record_len) #( .and_then(|record_len| { + if record_len >= buf.buf.len() { + return Err(()); + } { #formatting_exprs }.write(&mut buf.buf[record_len..]).map(|len| record_len + len) }) )* }};