On 2/23/21 10:46 AM, Alexei Starovoitov wrote:
On 2/23/21 10:39 AM, Yonghong Song wrote:
On 2/22/21 12:59 PM, Alexei Starovoitov wrote:
On Wed, Feb 17, 2021 at 10:18:07AM -0800, Yonghong Song wrote:
@@ -5893,6 +6004,14 @@ static int retrieve_ptr_limit(const struct
bpf_reg_state *ptr_reg,
else
*ptr_limit = -off;
return 0;
+ case PTR_TO_MAP_KEY:
+ if (mask_to_left) {
+ *ptr_limit = ptr_reg->umax_value + ptr_reg->off;
+ } else {
+ off = ptr_reg->smin_value + ptr_reg->off;
+ *ptr_limit = ptr_reg->map_ptr->key_size - off;
+ }
+ return 0;
This part cannot be exercised because for_each will require cap_bpf.
Eventually we might relax this requirement and above code will be
necessary.
Could you manually test it that it's working as expected by forcing
sanitize_ptr_alu() to act on it?
I did some manual test and hacking the verifier to make this code
executed and it looks fine and verifier succeeded.
But since this code won't execute with current implementation
with bpf_capable(). It probably makes sense to remove this code
for now and will add it back later once bpf_pseudo_func is permitted for
unprivileged user.
I think we might forget it later.
I would leave the code here and maybe add the comment that it's tested
for future use, but not needed yet.
okay. will keep it.
