On Mon, 8 Aug 2022 at 19:16, Dave Marchevsky <davemarchevsky@xxxxxx> wrote: > > Discussion around a recently-submitted patch provided historical > context for check_refcount_ok [0]. Specifically, the function and its > helpers - may_be_acquire_function and arg_type_may_be_refcounted - > predate the OBJ_RELEASE type flag and the addition of many more helpers > with acquire/release semantics. > > The purpose of check_refcount_ok is to ensure: > 1) Helper doesn't have multiple uses of return reg's ref_obj_id > 2) Helper with release semantics only has one arg needing to be > released, since that's tracked using meta->ref_obj_id > > With current verifier, it's safe to remove check_refcount_ok and its > helpers. Since addition of OBJ_RELEASE type flag, case 2) has been > handled by the arg_type_is_release check in check_func_arg. To ensure > case 1) won't result in verifier silently prioritizing one use of > ref_obj_id, this patch adds a helper_multiple_ref_obj_use check which > fails loudly if a helper passes > 1 test for use of ref_obj_id. > > [0]: lore.kernel.org/bpf/20220713234529.4154673-1-davemarchevsky@xxxxxx > > Signed-off-by: Dave Marchevsky <davemarchevsky@xxxxxx> > Acked-by: Martin KaFai Lau <kafai@xxxxxx> > Acked-by: Joanne Koong <joannelkoong@xxxxxxxxx> Acked-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
