On Sat, Apr 9, 2022 at 1:40 PM Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx> wrote:
>
> Some functions in next patch want to use this function, and those
> functions will be called by check_map_access, hence move it before
> check_map_access.
>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
LGTM.
Acked-by: Joanne Koong <joannelkoong@xxxxxxxxx>
> ---
> kernel/bpf/verifier.c | 76 +++++++++++++++++++++----------------------
> 1 file changed, 38 insertions(+), 38 deletions(-)
>
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index 9c1a02b82ecd..71827d14724a 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -3469,6 +3469,44 @@ static int check_mem_region_access(struct bpf_verifier_env *env, u32 regno,
> return 0;
> }
>
> +static int __check_ptr_off_reg(struct bpf_verifier_env *env,
> + const struct bpf_reg_state *reg, int regno,
> + bool fixed_off_ok)
> +{
> + /* Access to this pointer-typed register or passing it to a helper
> + * is only allowed in its original, unmodified form.
> + */
> +
> + if (reg->off < 0) {
> + verbose(env, "negative offset %s ptr R%d off=%d disallowed\n",
> + reg_type_str(env, reg->type), regno, reg->off);
> + return -EACCES;
> + }
> +
> + if (!fixed_off_ok && reg->off) {
> + verbose(env, "dereference of modified %s ptr R%d off=%d disallowed\n",
> + reg_type_str(env, reg->type), regno, reg->off);
> + return -EACCES;
> + }
> +
> + if (!tnum_is_const(reg->var_off) || reg->var_off.value) {
> + char tn_buf[48];
> +
> + tnum_strn(tn_buf, sizeof(tn_buf), reg->var_off);
> + verbose(env, "variable %s access var_off=%s disallowed\n",
> + reg_type_str(env, reg->type), tn_buf);
> + return -EACCES;
> + }
> +
> + return 0;
> +}
> +
> +int check_ptr_off_reg(struct bpf_verifier_env *env,
> + const struct bpf_reg_state *reg, int regno)
> +{
> + return __check_ptr_off_reg(env, reg, regno, false);
> +}
> +
> /* check read/write into a map element with possible variable offset */
> static int check_map_access(struct bpf_verifier_env *env, u32 regno,
> int off, int size, bool zero_size_allowed)
> @@ -3980,44 +4018,6 @@ static int get_callee_stack_depth(struct bpf_verifier_env *env,
> }
> #endif
>
> -static int __check_ptr_off_reg(struct bpf_verifier_env *env,
> - const struct bpf_reg_state *reg, int regno,
> - bool fixed_off_ok)
> -{
> - /* Access to this pointer-typed register or passing it to a helper
> - * is only allowed in its original, unmodified form.
> - */
> -
> - if (reg->off < 0) {
> - verbose(env, "negative offset %s ptr R%d off=%d disallowed\n",
> - reg_type_str(env, reg->type), regno, reg->off);
> - return -EACCES;
> - }
> -
> - if (!fixed_off_ok && reg->off) {
> - verbose(env, "dereference of modified %s ptr R%d off=%d disallowed\n",
> - reg_type_str(env, reg->type), regno, reg->off);
> - return -EACCES;
> - }
> -
> - if (!tnum_is_const(reg->var_off) || reg->var_off.value) {
> - char tn_buf[48];
> -
> - tnum_strn(tn_buf, sizeof(tn_buf), reg->var_off);
> - verbose(env, "variable %s access var_off=%s disallowed\n",
> - reg_type_str(env, reg->type), tn_buf);
> - return -EACCES;
> - }
> -
> - return 0;
> -}
> -
> -int check_ptr_off_reg(struct bpf_verifier_env *env,
> - const struct bpf_reg_state *reg, int regno)
> -{
> - return __check_ptr_off_reg(env, reg, regno, false);
> -}
> -
> static int __check_buffer_access(struct bpf_verifier_env *env,
> const char *buf_info,
> const struct bpf_reg_state *reg,
> --
> 2.35.1
>
