bpf: fix a rcu usage warning in bpf_prog_array_copy_core()

Commit 394e40a29788 ("bpf: extend bpf_prog_array to store pointers
to the cgroup storage") refactored the bpf_prog_array_copy_core()
to accommodate new structure bpf_prog_array_item which contains
bpf_prog array itself.

In the old code, we had
   perf_event_query_prog_array():
     mutex_lock(...)
     bpf_prog_array_copy_call():
       prog = rcu_dereference_check(array, 1)->progs
       bpf_prog_array_copy_core(prog, ...)
     mutex_unlock(...)

With the above commit, we had
   perf_event_query_prog_array():
     mutex_lock(...)
     bpf_prog_array_copy_call():
       bpf_prog_array_copy_core(array, ...):
         item = rcu_dereference(array)->items;
         ...
     mutex_unlock(...)

The new code will trigger a lockdep rcu checking warning.
The fix is to change rcu_dereference() to rcu_dereference_check()
to prevent such a warning.

Reported-by: [email protected]
Fixes: 394e40a29788 ("bpf: extend bpf_prog_array to store pointers to the cgroup storage")
Cc: Roman Gushchin <[email protected]>
Signed-off-by: Yonghong Song <[email protected]>
Acked-by: Alexei Starovoitov <[email protected]>
Acked-by: Roman Gushchin <[email protected]>
Signed-off-by: Daniel Borkmann <[email protected]>

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 4d09e610777fc3bb9bdaa2b540ac1145977f8394..3f5bf1af08260ed5ccbb68484fe39d2253931701 100644 (file)
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -1579,7 +1579,7 @@ static bool bpf_prog_array_copy_core(struct bpf_prog_array __rcu *array,
        struct bpf_prog_array_item *item;
        int i = 0;
 
-       item = rcu_dereference(array)->items;
+       item = rcu_dereference_check(array, 1)->items;
        for (; item->prog; item++) {
                if (item->prog == &dummy_bpf_prog.prog)
                        continue;