On Wed, Dec 13, 2023 at 9:43 AM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
>
> On Tue, 2023-12-12 at 15:25 -0800, Andrii Nakryiko wrote:
> > Instead of btf_check_subprog_arg_match(), use btf_prepare_func_args()
> > logic to validate "trustworthiness" of main BPF program's BTF information,
> > if it is present.
> >
> > We ignored results of original BTF check anyway, often times producing
> > confusing and ominously-sounding "reg type unsupported for arg#0
> > function" message, which has no apparent effect on program correctness
> > and verification process.
> >
> > All the -EFAULT returning sanity checks are already performed in
> > check_btf_info_early(), so there is zero reason to have this duplication
> > of logic between btf_check_subprog_call() and btf_check_subprog_arg_match().
> > Dropping btf_check_subprog_arg_match() simplifies
> > btf_check_func_arg_match() further removing `bool processing_call` flag.
> >
> > One subtle bit that was done by btf_check_subprog_arg_match() was
> > potentially marking main program's BTF as unreliable. We do this
> > explicitly now with a dedicated simple check, preserving the original
> > behavior, but now based on well factored btf_prepare_func_args() logic.
> >
> > Signed-off-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
> > ---
>
> Acked-by: Eduard Zingerman <eddyz87@xxxxxxxxx>
>
> [...]
>
> > @@ -19944,21 +19945,19 @@ static int do_check_common(struct bpf_verifier_env *env, int subprog)
> > }
> > }
> > } else {
> > + /* if main BPF program has associated BTF info, validate that
> > + * it's matching expected signature, and otherwise mark BTF
> > + * info for main program as unreliable
> > + */
> > + if (env->prog->aux->func_info_aux) {
> > + ret = btf_prepare_func_args(env, 0);
> > + if (ret || sub->arg_cnt != 1 || sub->args[0].arg_type != ARG_PTR_TO_CTX)
> > + env->prog->aux->func_info_aux[0].unreliable = true;
> > + }
>
> Nit: should this return if ret == -EFAULT?
>
>
no, why? I think the old behavior also didn't fail in this case
