On Fri, Feb 12, 2021 at 12:57 PM Dmitrii Banshchikov <me@xxxxxxxxxxxxx> wrote:
>
> Add an ability to pass a pointer to a type with known size in arguments
> of a global function. Such pointers may be used to overcome the limit on
> the maximum number of arguments, avoid expensive and tricky workarounds
> and to have multiple output arguments.
>
> A referenced type may contain pointers but indirect access through them
> isn't supported.
>
> The implementation consists of two parts. If a global function has an
> argument that is a pointer to a type with known size then:
>
>   1) In btf_check_func_arg_match(): check that the corresponding
>   register points to NULL or to a valid memory region that is large enough
>   to contain the expected argument's type.
>
>   2) In btf_prepare_func_args(): set the corresponding register type to
>   PTR_TO_MEM_OR_NULL and its size to the size of the expected type.
>
> Only global functions are supported because allowance of pointers for
> static functions might break validation. Consider the following
> scenario. A static function has a pointer argument. A caller passes
> pointer to its stack memory. Because the callee can change referenced
> memory verifier can no longer assume any particular slot type of the
> caller's stack memory hence the slot type is changed to SLOT_MISC. If
> there is an operation that relies on slot type other than SLOT_MISC then
> verifier won't be able to infer safety of the operation.
>
> When verifier sees a static function that has a pointer argument
> different from PTR_TO_CTX then it skips arguments check and continues
> with "inline" validation with more information available. The operation
> that relies on the particular slot type now succeeds.
>
> Because global functions were not allowed to have pointer arguments
> different from PTR_TO_CTX it's not possible to break existing and valid
> code.
>
> Signed-off-by: Dmitrii Banshchikov <me@xxxxxxxxxxxxx>
> ---

Acked-by: Andrii Nakryiko <andrii@xxxxxxxxxx>

>  include/linux/bpf_verifier.h |  2 ++
>  kernel/bpf/btf.c             | 55 +++++++++++++++++++++++++++++-------
>  kernel/bpf/verifier.c        | 30 ++++++++++++++++++++
>  3 files changed, 77 insertions(+), 10 deletions(-)
>

[...]
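
The two parts described in the commit message above, as an added example that is not code from the patch or the kernel: a simplified userspace C model of the caller-side size check and the callee-side PTR_TO_MEM_OR_NULL typing. The struct, the functions and the SCALAR_* kinds are hypothetical; PTR_TO_MEM and PTR_TO_MEM_OR_NULL reuse the verifier's names but are declared locally, and the model tracks only pointer kind and region size.

```c
/* Simplified model; not kernel code. All names here are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum reg_kind { SCALAR_ZERO, SCALAR_OTHER, PTR_TO_MEM, PTR_TO_MEM_OR_NULL };

struct reg_model {
    enum reg_kind kind;
    uint32_t mem_size;      /* bytes valid from the pointer onward */
};

/* Part 1, caller side: NULL, or a region large enough for the type. */
bool arg_matches(struct reg_model r, uint32_t type_size)
{
    if (r.kind == SCALAR_ZERO)
        return true;
    return (r.kind == PTR_TO_MEM || r.kind == PTR_TO_MEM_OR_NULL) &&
           r.mem_size >= type_size;
}

/* Part 2, callee side: typed from the signature alone, size = sizeof(type). */
struct reg_model prepare_arg(uint32_t type_size)
{
    struct reg_model r = { PTR_TO_MEM_OR_NULL, type_size };
    return r;
}

/* State on the non-NULL branch of the callee's `if (!p) return ...;`. */
struct reg_model after_null_check(struct reg_model r)
{
    if (r.kind == PTR_TO_MEM_OR_NULL)
        r.kind = PTR_TO_MEM;
    return r;
}

/* Refused while maybe-NULL; afterwards the access must stay inside mem_size. */
bool access_ok(struct reg_model r, uint32_t off, uint32_t len)
{
    return r.kind == PTR_TO_MEM && off <= r.mem_size && len <= r.mem_size - off;
}

int main(void)
{
    struct reg_model p = prepare_arg(16);   /* constructed: a 16-byte struct */
    printf("before NULL check: %d\n", access_ok(p, 0, 8));
    printf("after NULL check:  %d\n", access_ok(after_null_check(p), 8, 8));
    return 0;
}
```

In the model, as in the description above, the callee learns nothing about the caller's memory beyond the size of the declared type, which is why a global function can be validated independently of its callers.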