Re: [bpf-next v3 02/12] bpf: no_caller_saved_registers attribute for helper calls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jul 15, 2024 at 10:34 PM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
>
> On Mon, 2024-07-15 at 18:51 -0700, Alexei Starovoitov wrote:
> > On Mon, Jul 15, 2024 at 4:02 PM Eduard Zingerman <eddyz87@xxxxxxxxx> wrote:
> > >
> > > @@ -21771,6 +22058,12 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3
> > >         if (ret == 0)
> > >                 ret = check_max_stack_depth(env);
> > >
> > > +       /* might decrease stack depth, keep it before passes that
> > > +        * allocate additional slots.
> > > +        */
> > > +       if (ret == 0)
> > > +               ret = remove_nocsr_spills_fills(env);
> >
> > Probably should be before check_max_stack_depth() above :)
>
> I thought about it, unfortunately, that would be a half-measure.
> There are two places where verifier reports stack depth errors:
> - check_stack_access_within_bounds() checks for access outside
>   [-MAX_BPF_STACK..0) region within one subprogram;
> - check_max_stack_depth() checks accumulated stack depth across
>   subprogram calls.
>
> It is possible to move remove_nocsr_spills_fills() before
> check_max_stack_depth(), but check_stack_access_within_bounds() would
> still report errors for nocsr stack slots, because
> check_nocsr_stack_contract() and check_stack_access_within_bounds()
> are both invoked during main verification pass and contract validation
> is not yet finished.

Agree that it's a half measure, but it's still better than doing it
after check_max_stack_depth().

We can also allow check_stack_access_within_bounds() to go above 512
for nocsr pattern. If spill/fill is later removed then great,
if not then it's not a big deal to go slightly above 512 especially
considering that private stack is coming in soon.





[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux