Re: [PATCH bpf-next 2/8] bpf: Disallow !kprobe_write_ctx progs tail-calling kprobe_write_ctx progs

From: bot+bpf-ci

Date: Tue Feb 24 2026 - 11:22:37 EST


> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c

[ ... ]

> @@ -2415,6 +2416,8 @@ static bool __bpf_prog_map_compatible(struct bpf_map *map,
> map->owner->jited == fp->jited &&
> map->owner->xdp_has_frags == aux->xdp_has_frags &&
> map->owner->sleepable == fp->sleepable;
> + if (ret && (!map->owner->kprobe_write_ctx && aux->kprobe_write_ctx))
> + ret = false;
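Review bot: the added condition `if (ret && (!map->owner->kprobe_write_ctx && aux->kprobe_write_ctx))` rejects only the case where the map owner lacks kprobe_write_ctx and the incoming program has it, so a !kprobe_write_ctx program still passes against a kprobe_write_ctx-owning map. Every other term in this chain (`map->owner->jited == fp->jited`, `xdp_has_frags`, `sleepable`) is a strict equality comparison, so the same shape would both close the reverse direction and match the surrounding style: fold `map->owner->kprobe_write_ctx == aux->kprobe_write_ctx` into the `&&` chain above instead of a separate `if` that clears `ret`. If the one-directional form is intentional, a comment on the `+` line stating why the reverse case is safe would help the next reader.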

Is this check one-directional on purpose? It rejects the case
where the map owner is !kprobe_write_ctx and the incoming program
has kprobe_write_ctx, but it allows the reverse: a !kprobe_write_ctx
program passing the compatibility check against a kprobe_write_ctx-
owning map.

This means the following sequence is possible:

1. Program A (kprobe_write_ctx=true) is stored first in a
prog_array, becoming the map owner.

2. Program B (kprobe_write_ctx=false) passes the compatibility
check because (!true && false) evaluates to false, so ret
stays true.

3. Program B is attached to a kprobe via __perf_event_set_bpf_prog(),
which only rejects (kprobe_write_ctx && !is_uprobe) -- B passes
because its kprobe_write_ctx is false.

4. At runtime B tail-calls into A. Program A's instructions now
execute in kprobe context and write to kernel pt_regs.

The same path applies when B merely uses the map for bpf_tail_call()
without being stored -- bpf_check_tail_call() runs the same
__bpf_prog_map_compatible() check and allows B through.

The commit message says "Reject the combination of !kprobe_write_ctx
progs with kprobe_write_ctx progs" which suggests both directions
should be blocked. Would a symmetric check be more appropriate here?

> if (ret &&
> map->map_type == BPF_MAP_TYPE_PROG_ARRAY &&
> map->owner->expected_attach_type != fp->expected_attach_type)


---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

CI run summary: https://github.com/kernel-patches/bpf/actions/runs/22358832658

AI-authorship-score: low
AI-authorship-explanation: The commit message is concise and uses standard kernel terminology; the code changes follow established BPF patterns with no signs of AI-generated phrasing or structure.
issues-found: 1
issue-severity-score: high
issue-severity-explanation: The asymmetric compatibility check allows a !kprobe_write_ctx program attached to a kprobe to tail-call a kprobe_write_ctx program, enabling writes to kernel pt_regs in kprobe context and defeating the security enforcement the patch is meant to provide.