@@ -987,6 +987,7 @@ struct bpf_verifier_ops {
struct bpf_prog *prog, u32 *target_size);
int (*btf_struct_access)(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size);
};
@@ -670,6 +670,7 @@ struct sk_filter {
extern struct mutex nf_conn_btf_access_lock;
extern int (*nfct_btf_struct_access)(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size);
typedef unsigned int (*bpf_dispatcher_fn)(const void *ctx,
@@ -6638,7 +6638,7 @@ static int check_ptr_to_btf_access(struct bpf_verifier_env *env,
verbose(env, "verifier internal error: reg->btf must be kernel btf\n");
return -EFAULT;
}
- ret = env->ops->btf_struct_access(&env->log, reg, off, size);
+ ret = env->ops->btf_struct_access(&env->log, reg, env->prog, off, size);
} else {
/* Writes are permitted with default btf_struct_access for
* program allocated objects (which always have ref_obj_id > 0),
@@ -5344,8 +5344,9 @@ static bool bpf_scx_is_valid_access(int off, int size,
}
static int bpf_scx_btf_struct_access(struct bpf_verifier_log *log,
- const struct bpf_reg_state *reg, int off,
- int size)
+ const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
+ int off, int size)
{
const struct btf_type *t;
@@ -234,6 +234,7 @@ static int bpf_dummy_ops_check_member(const struct btf_type *t,
static int bpf_dummy_ops_btf_struct_access(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size)
{
const struct btf_type *state;
@@ -9014,18 +9014,20 @@ static bool tc_cls_act_is_valid_access(int off, int size,
int (*nfct_btf_struct_access)(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size);
EXPORT_SYMBOL_GPL(nfct_btf_struct_access);
static int tc_cls_act_btf_struct_access(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size)
{
int ret = -EACCES;
mutex_lock(&nf_conn_btf_access_lock);
if (nfct_btf_struct_access)
- ret = nfct_btf_struct_access(log, reg, off, size);
+ ret = nfct_btf_struct_access(log, reg, prog, off, size);
mutex_unlock(&nf_conn_btf_access_lock);
return ret;
@@ -9100,13 +9102,14 @@ void bpf_warn_invalid_xdp_action(struct net_device *dev, struct bpf_prog *prog,
static int xdp_btf_struct_access(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size)
{
int ret = -EACCES;
mutex_lock(&nf_conn_btf_access_lock);
if (nfct_btf_struct_access)
- ret = nfct_btf_struct_access(log, reg, off, size);
+ ret = nfct_btf_struct_access(log, reg, prog, off, size);
mutex_unlock(&nf_conn_btf_access_lock);
return ret;
@@ -60,6 +60,7 @@ static bool bpf_tcp_ca_is_valid_access(int off, int size,
static int bpf_tcp_ca_btf_struct_access(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size)
{
const struct btf_type *t;
@@ -235,6 +235,7 @@ static struct nf_conn *__bpf_nf_ct_lookup(struct net *net,
/* Check writes into `struct nf_conn` */
static int _nf_conntrack_btf_struct_access(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size)
{
const struct btf_type *ncit, *nct, *t;
@@ -1243,6 +1243,7 @@ static int st_ops_gen_epilogue(struct bpf_insn *insn_buf, const struct bpf_prog
static int st_ops_btf_struct_access(struct bpf_verifier_log *log,
const struct bpf_reg_state *reg,
+ const struct bpf_prog *prog,
int off, int size)
{
if (off < 0 || off + size > sizeof(struct st_ops_args))