On Mon, Feb 2, 2026 at 6:42 AM Leon Hwang <[email protected]> wrote:
>
> BPF_PROG_LOAD can now provide log parameters through both union bpf_attr
> and struct bpf_common_attr. Define clear conflict and precedence rules:
>
> - if both are provided and log_buf/log_size/log_level match, use them;
> - if only one side provides a log buffer, use that one;
> - if both provide log buffers but differ, return -EINVAL.
>
> Signed-off-by: Leon Hwang <[email protected]>
> ---
> include/linux/bpf_verifier.h | 3 ++-
> kernel/bpf/log.c | 24 ++++++++++++++++++++++--
> kernel/bpf/syscall.c | 3 ++-
> 3 files changed, 26 insertions(+), 4 deletions(-)
>
> diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h
> index c805b85b6f7a..0d106fddbbc5 100644
> --- a/include/linux/bpf_verifier.h
> +++ b/include/linux/bpf_verifier.h
> @@ -638,7 +638,8 @@ struct bpf_log_attr {
> };
>
> int bpf_prog_load_log_attr_init(struct bpf_log_attr *attr_log, union
> bpf_attr *attr,
> - bpfptr_t uattr, u32 size);
> + bpfptr_t uattr, u32 size, struct
> bpf_common_attr *attr_common,
> + bpfptr_t uattr_common, u32 size_common);
> int bpf_log_attr_finalize(struct bpf_log_attr *attr, struct bpf_verifier_log
> *log);
>
> #define BPF_MAX_SUBPROGS 256
> diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c
> index ff579fcba36f..345005ba98dd 100644
> --- a/kernel/bpf/log.c
> +++ b/kernel/bpf/log.c
> @@ -873,10 +873,30 @@ static void bpf_log_attr_init(struct bpf_log_attr
> *attr_log, int offsetof_true_s
> attr_log->uattr = uattr;
> }
>
> +static bool bpf_log_attrs_diff(struct bpf_common_attr *common, u64 log_buf,
> u32 log_size,
> + u32 log_level)
> +{
> + return log_buf && common->log_buf && (log_buf != common->log_buf ||
> + log_size != common->log_size ||
> + log_level != common->log_level);
let's validate (unless we do this somewhere else) that if log_buf is
set, then log_size and log_level (? not sure, maybe zero is fine) are
set, or all three are not set. Same for common->log* fields...
> +}
> +
> int bpf_prog_load_log_attr_init(struct bpf_log_attr *attr_log, union
> bpf_attr *attr,
> - bpfptr_t uattr, u32 size)
> + bpfptr_t uattr, u32 size, struct
> bpf_common_attr *attr_common,
> + bpfptr_t uattr_common, u32 size_common)
> {
> - bpf_log_attr_init(attr_log, offsetof(union bpf_attr, log_true_size),
> uattr, size);
> + if (bpf_log_attrs_diff(attr_common, attr->log_buf, attr->log_size,
> attr->log_level))
> + return -EINVAL;
> +
> + if (!attr->log_buf && attr_common->log_buf) {
> + attr->log_buf = attr_common->log_buf;
> + attr->log_size = attr_common->log_size;
> + attr->log_level = attr_common->log_level;
why are we setting this? Do we still have code that can access
attr->log_buf even though we pass attr_log everywhere? If yes, should
we still have that "split brain" code?
If we don't have this assignment, then I think we don't need to have
bpf_prog_load-specific and btf_load-specific log_attr_init() helpers.
They can be unified into generic log_attr_init, where for
bpf_prog_load you'll pass offsetof(log_true_size) +
attr->log_{buf,size,level}, and for btf_load you'll pass different
offset of and btf-specific attr->btf_log*
This helper will just be making decision whether to use common_attr's
log fields or passed directly command-specific ones.
Or what am I missing?
> + bpf_log_attr_init(attr_log, offsetof(struct bpf_common_attr,
> log_true_size),
> + uattr_common, size_common);
> + } else {
> + bpf_log_attr_init(attr_log, offsetof(union bpf_attr,
> log_true_size), uattr, size);
> + }
> return 0;
> }
>
> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> index e81199361241..7125ea445c6c 100644
> --- a/kernel/bpf/syscall.c
> +++ b/kernel/bpf/syscall.c
> @@ -6232,7 +6232,8 @@ static int __sys_bpf(enum bpf_cmd cmd, bpfptr_t uattr,
> unsigned int size,
> err = map_freeze(&attr);
> break;
> case BPF_PROG_LOAD:
> - err = bpf_prog_load_log_attr_init(&attr_log, &attr, uattr,
> size);
> + err = bpf_prog_load_log_attr_init(&attr_log, &attr, uattr,
> size, &attr_common,
> + uattr_common, size_common);
> err = err ?: bpf_prog_load(&attr, uattr, &attr_log);
> break;
> case BPF_OBJ_PIN:
> --
> 2.52.0
>
