On Wed, 2023-12-13 at 10:06 -0800, Andrii Nakryiko wrote:
[...]
> > > @@ -19944,21 +19945,19 @@ static int do_check_common(struct bpf_verifier_env *env, int subprog)
> > > }
> > > }
> > > } else {
> > > + /* if main BPF program has associated BTF info, validate that
> > > + * it's matching expected signature, and otherwise mark BTF
> > > + * info for main program as unreliable
> > > + */
> > > + if (env->prog->aux->func_info_aux) {
> > > + ret = btf_prepare_func_args(env, 0);
> > > + if (ret || sub->arg_cnt != 1 || sub->args[0].arg_type != ARG_PTR_TO_CTX)
> > > + env->prog->aux->func_info_aux[0].unreliable = true;
> > > + }
> >
> > Nit: should this return if ret == -EFAULT?
> >
> >
>
> no, why? I think the old behavior also didn't fail in this case
I think it did, here is an excerpt from the current patch:
- ret = btf_check_subprog_arg_match(env, subprog, regs);
- if (ret == -EFAULT)
- /* unlikely verifier bug. abort.
- * ret == 0 and ret < 0 are sadly acceptable for
- * main() function due to backward compatibility.
- * Like socket filter program may be written as:
- * int bpf_prog(struct pt_regs *ctx)
- * and never dereference that ctx in the program.
- * 'struct pt_regs' is a type mismatch for socket
- * filter that should be using 'struct __sk_buff'.
- */
- goto out;
