| Message ID | 20210226051305.3428292-1-yhs@fb.com (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | BPF |
| Headers | show |
| Series | bpf: add bpf_for_each_map_elem() helper | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for bpf-next |
| netdev/subject_prefix | success | Link |
| netdev/cc_maintainers | warning | 6 maintainers not CCed: netdev@vger.kernel.org kpsingh@kernel.org songliubraving@fb.com kafai@fb.com john.fastabend@gmail.com andrii@kernel.org |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 17 this patch: 17 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | warning | WARNING: line length of 81 exceeds 80 columns |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 17 this patch: 17 |
| netdev/header_inline | success | Link |
| netdev/stable | success | Stable not CCed |
On Thu, Feb 25, 2021 at 9:17 PM Yonghong Song <yhs@fb.com> wrote: > > During verifier check_cfg(), all instructions are > visited to ensure verifier can handle program control flows. > This patch factored out function visit_func_call_insn() > so it can be reused in later patch to visit callback function > calls. There is no functionality change for this patch. > > Signed-off-by: Yonghong Song <yhs@fb.com> > --- Acked-by: Andrii Nakryiko <andrii@kernel.org> > kernel/bpf/verifier.c | 35 +++++++++++++++++++++++------------ > 1 file changed, 23 insertions(+), 12 deletions(-) > > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c > index 1dda9d81f12c..9cb182e91162 100644 > --- a/kernel/bpf/verifier.c > +++ b/kernel/bpf/verifier.c > @@ -8592,6 +8592,27 @@ static int push_insn(int t, int w, int e, struct bpf_verifier_env *env, > return DONE_EXPLORING; > } > > +static int visit_func_call_insn(int t, int insn_cnt, > + struct bpf_insn *insns, > + struct bpf_verifier_env *env, > + bool visit_callee) > +{ > + int ret; > + > + ret = push_insn(t, t + 1, FALLTHROUGH, env, false); > + if (ret) > + return ret; > + > + if (t + 1 < insn_cnt) > + init_explored_state(env, t + 1); > + if (visit_callee) { > + init_explored_state(env, t); > + ret = push_insn(t, t + insns[t].imm + 1, BRANCH, > + env, false); > + } > + return ret; > +} > + > /* Visits the instruction at index t and returns one of the following: > * < 0 - an error occurred > * DONE_EXPLORING - the instruction was fully explored > @@ -8612,18 +8633,8 @@ static int visit_insn(int t, int insn_cnt, struct bpf_verifier_env *env) > return DONE_EXPLORING; > > case BPF_CALL: > - ret = push_insn(t, t + 1, FALLTHROUGH, env, false); > - if (ret) > - return ret; > - > - if (t + 1 < insn_cnt) > - init_explored_state(env, t + 1); > - if (insns[t].src_reg == BPF_PSEUDO_CALL) { > - init_explored_state(env, t); > - ret = push_insn(t, t + insns[t].imm + 1, BRANCH, > - env, false); > - } > - return ret; > + return visit_func_call_insn(t, insn_cnt, insns, env, > + insns[t].src_reg == BPF_PSEUDO_CALL); > > case BPF_JA: > if (BPF_SRC(insns[t].code) != BPF_K) > -- > 2.24.1 >
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 1dda9d81f12c..9cb182e91162 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -8592,6 +8592,27 @@ static int push_insn(int t, int w, int e, struct bpf_verifier_env *env, return DONE_EXPLORING; } +static int visit_func_call_insn(int t, int insn_cnt, + struct bpf_insn *insns, + struct bpf_verifier_env *env, + bool visit_callee) +{ + int ret; + + ret = push_insn(t, t + 1, FALLTHROUGH, env, false); + if (ret) + return ret; + + if (t + 1 < insn_cnt) + init_explored_state(env, t + 1); + if (visit_callee) { + init_explored_state(env, t); + ret = push_insn(t, t + insns[t].imm + 1, BRANCH, + env, false); + } + return ret; +} + /* Visits the instruction at index t and returns one of the following: * < 0 - an error occurred * DONE_EXPLORING - the instruction was fully explored @@ -8612,18 +8633,8 @@ static int visit_insn(int t, int insn_cnt, struct bpf_verifier_env *env) return DONE_EXPLORING; case BPF_CALL: - ret = push_insn(t, t + 1, FALLTHROUGH, env, false); - if (ret) - return ret; - - if (t + 1 < insn_cnt) - init_explored_state(env, t + 1); - if (insns[t].src_reg == BPF_PSEUDO_CALL) { - init_explored_state(env, t); - ret = push_insn(t, t + insns[t].imm + 1, BRANCH, - env, false); - } - return ret; + return visit_func_call_insn(t, insn_cnt, insns, env, + insns[t].src_reg == BPF_PSEUDO_CALL); case BPF_JA: if (BPF_SRC(insns[t].code) != BPF_K)
During verifier check_cfg(), all instructions are visited to ensure verifier can handle program control flows. This patch factored out function visit_func_call_insn() so it can be reused in later patch to visit callback function calls. There is no functionality change for this patch. Signed-off-by: Yonghong Song <yhs@fb.com> --- kernel/bpf/verifier.c | 35 +++++++++++++++++++++++------------ 1 file changed, 23 insertions(+), 12 deletions(-)