Skip to content

[Deepin-Kernel-SIG] [linux 6.12-y] bpf: a temporary supplement fix for bpf_lsm_mmap_file null access #1408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
opsiff merged 1 commit into from
Jan 6, 2026
Merged

[Deepin-Kernel-SIG] [linux 6.12-y] bpf: a temporary supplement fix for bpf_lsm_mmap_file null access #1408

opsiff merged 1 commit into from
Jan 6, 2026

Conversation

@lax-fly
Copy link

@lax-fly lax-fly commented Jan 5, 2026
edited by sourcery-ai bot
Loading

fix patch before(check url below for details) might not work until pahole support BTF weak symbol override.
This commit is a temporary workaround, ugly but effective, and should be remove in the future when pahole is updated

fix patch before:
patch1: #1392
patch2: #1393

Summary by Sourcery

Bug Fixes:

  • Prevent potential null pointer access when handling the first parameter of the bpf_lsm_mmap_file hook by treating it as maybe-null in BPF verifier context.

@xu-lang
bpf: a temporary fix for bpf_lsm_mmap_file null access
4f0b46b 
fix patch before might not work until pahole support BTF weak
symbol override.

Signed-off-by: xulang <xulang@uniontech.com>
@sourcery-ai
Copy link

sourcery-ai bot commented Jan 5, 2026
edited
Loading

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Temporarily relaxes BTF-based nullability checking for the first argument of the bpf_lsm_mmap_file hook by forcing its context pointer to be treated as maybe-null during BPF verification, working around missing BTF weak symbol override support in pahole.

File-Level Changes

Change Details Files
Force the first argument of bpf_lsm_mmap_file to be treated as a maybe-null pointer as a temporary workaround for potential null access.
  • Extend btf_ctx_access to unconditionally mark the first parameter of bpf_lsm_mmap_file as PTR_MAYBE_NULL in verifier metadata
  • Guard the workaround with a specific function-name check using strcmp and argument index 0
  • Document in comments that this is a temporary workaround to be removed once pahole supports BTF weak symbol overrides
 kernel/bpf/btf.c
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@deepin-ci-robot
Copy link

deepin-ci-robot commented Jan 5, 2026

Hi @lax-fly. Thanks for your PR.

I'm waiting for a deepin-community member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@deepin-ci-robot
Copy link

deepin-ci-robot commented Jan 5, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: opsiff

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Copilot AI reviewed Jan 6, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a temporary workaround to prevent null pointer access when handling the first parameter of the bpf_lsm_mmap_file hook in the BPF verifier. The fix manually marks this parameter as potentially null until pahole gains support for BTF weak symbol override, at which point this workaround should be removed.

Key Changes:

  • Added explicit null-safety check for bpf_lsm_mmap_file's first parameter in BPF context access validation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

kernel/bpf/btf.c
info->reg_type |= PTR_MAYBE_NULL;

/* a temporary workaround for bpf_lsm_mmap_file null pointer access,
* urgly but effective, should be removed while BTF weak symbol is
Copy link

Copilot AI Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Spelling error in comment: "urgly" should be "ugly".

Suggested change
* urgly but effective, should be removed while BTF weak symbol is
* ugly but effective, should be removed while BTF weak symbol is

Copilot uses AI. Check for mistakes.
@opsiff opsiff merged commit 2b6cad9 into deepin-community:linux-6.12.y Jan 6, 2026
12 of 13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@opsiff opsiff opsiff approved these changes

@chenchongbiao chenchongbiao Awaiting requested review from chenchongbiao

@myml myml Awaiting requested review from myml

@Avenger-285714 Avenger-285714 Awaiting requested review from Avenger-285714

Assignees

No one assigned

Labels

approved needs-ok-to-test

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lax-fly @deepin-ci-robot @opsiff @xu-lang