Skip to content

Commit 3876ce1

Browse files
jsitnickiKernel Patches Daemon
authored andcommitted
bpf, verifier: Turn seen_direct_write flag into a bitmap
Convert seen_direct_write from a boolean to a bitmap (seen_packet_access) in preparation for tracking additional packet access patterns. No functional change. Signed-off-by: Jakub Sitnicki <[email protected]>
1 parent 59579ef commit 3876ce1

File tree

2 files changed

+11
-6
lines changed

2 files changed

+11
-6
lines changed

include/linux/bpf_verifier.h

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -637,6 +637,10 @@ enum priv_stack_mode {
637637
PRIV_STACK_ADAPTIVE,
638638
};
639639

640+
enum packet_access_flags {
641+
PA_F_DIRECT_WRITE = BIT(0),
642+
};
643+
640644
struct bpf_subprog_info {
641645
/* 'start' has to be the first field otherwise find_subprog() won't work */
642646
u32 start; /* insn idx of function entry point */
@@ -760,7 +764,7 @@ struct bpf_verifier_env {
760764
bool bpf_capable;
761765
bool bypass_spec_v1;
762766
bool bypass_spec_v4;
763-
bool seen_direct_write;
767+
u8 seen_packet_access; /* combination of enum packet_access_flags */
764768
bool seen_exception;
765769
struct bpf_insn_aux_data *insn_aux_data; /* array of per-insn state */
766770
const struct bpf_line_info *prev_linfo;

kernel/bpf/verifier.c

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7625,7 +7625,7 @@ static int check_mem_access(struct bpf_verifier_env *env, int insn_idx, u32 regn
76257625
value_regno);
76267626
return -EACCES;
76277627
}
7628-
env->seen_direct_write = true;
7628+
env->seen_packet_access |= PA_F_DIRECT_WRITE;
76297629
}
76307630
err = check_packet_access(env, regno, off, size, false);
76317631
if (!err && t == BPF_READ && value_regno >= 0)
@@ -13768,7 +13768,7 @@ static int check_special_kfunc(struct bpf_verifier_env *env, struct bpf_kfunc_ca
1376813768
verbose(env, "the prog does not allow writes to packet data\n");
1376913769
return -EINVAL;
1377013770
}
13771-
env->seen_direct_write = true;
13771+
env->seen_packet_access |= PA_F_DIRECT_WRITE;
1377213772
}
1377313773

1377413774
if (!meta->initialized_dynptr.id) {
@@ -21200,6 +21200,7 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
2120021200
struct bpf_prog *new_prog;
2120121201
enum bpf_access_type type;
2120221202
bool is_narrower_load;
21203+
bool seen_direct_write;
2120321204
int epilogue_idx = 0;
2120421205

2120521206
if (ops->gen_epilogue) {
@@ -21227,13 +21228,13 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
2122721228
}
2122821229
}
2122921230

21230-
if (ops->gen_prologue || env->seen_direct_write) {
21231+
seen_direct_write = env->seen_packet_access & PA_F_DIRECT_WRITE;
21232+
if (ops->gen_prologue || seen_direct_write) {
2123121233
if (!ops->gen_prologue) {
2123221234
verifier_bug(env, "gen_prologue is null");
2123321235
return -EFAULT;
2123421236
}
21235-
cnt = ops->gen_prologue(insn_buf, env->seen_direct_write,
21236-
env->prog);
21237+
cnt = ops->gen_prologue(insn_buf, seen_direct_write, env->prog);
2123721238
if (cnt >= INSN_BUF_SIZE) {
2123821239
verifier_bug(env, "prologue is too long");
2123921240
return -EFAULT;

0 commit comments

Comments
 (0)