mbox series

[bpf-next,v2,0/3] bpf: refine retval for bpf_get_task_stack helper

Message ID 20210416204704.2816874-1-davemarchevsky@fb.com (mailing list archive)
Headers show
Series bpf: refine retval for bpf_get_task_stack helper | expand

Message

Dave Marchevsky April 16, 2021, 8:47 p.m. UTC 
Similarly to the bpf_get_stack helper, bpf_get_task_stack's return value
can be more tightly bound by the verifier - it's the number of bytes
written to a user-supplied buffer, or a negative error value. Currently
the verifier believes bpf_task_get_stack's retval bounds to be unknown,
requiring extraneous bounds checking to remedy.

Adding it to do_refine_retval_range fixes the issue, as evidenced by
new selftests which fail to load if retval bounds are not refined.

v2: Addressed comment nit in patch 3

Dave Marchevsky (3):
  bpf: refine retval for bpf_get_task_stack helper
  bpf/selftests: add bpf_get_task_stack retval bounds verifier test
  bpf/selftests: add bpf_get_task_stack retval bounds test_prog

 kernel/bpf/verifier.c                         |  1 +
 .../selftests/bpf/prog_tests/bpf_iter.c       |  1 +
 .../selftests/bpf/progs/bpf_iter_task_stack.c | 27 ++++++++++++
 .../selftests/bpf/verifier/bpf_get_stack.c    | 43 +++++++++++++++++++
 4 files changed, 72 insertions(+)

Comments

Alexei Starovoitov April 20, 2021, 2:20 a.m. UTC | #1 
On Fri, Apr 16, 2021 at 1:47 PM Dave Marchevsky <davemarchevsky@fb.com> wrote:
>
> Similarly to the bpf_get_stack helper, bpf_get_task_stack's return value
> can be more tightly bound by the verifier - it's the number of bytes
> written to a user-supplied buffer, or a negative error value. Currently
> the verifier believes bpf_task_get_stack's retval bounds to be unknown,
> requiring extraneous bounds checking to remedy.
>
> Adding it to do_refine_retval_range fixes the issue, as evidenced by
> new selftests which fail to load if retval bounds are not refined.
>
> v2: Addressed comment nit in patch 3

Applied. Thanks