On 11/22/22 11:53 AM, Yonghong Song wrote:
+ if (flag & MEM_RCU) {
+ /* Mark value register as MEM_RCU only if it is protected by
+ * bpf_rcu_read_lock() and the ptr reg is trusted (PTR_TRUSTED or
+ * ref_obj_id != 0). MEM_RCU itself can already indicate
+ * trustedness inside the rcu read lock region. But Mark it
+ * as PTR_TRUSTED as well similar to MEM_ALLOC.
+ */
+ if (!env->cur_state->active_rcu_lock ||
+ (!(reg->type & PTR_TRUSTED) && !reg->ref_obj_id))
Can is_trusted_reg() be reused, or is MEM_ALLOC not applicable here?
+ flag &= ~MEM_RCU;
+ else
+ flag |= PTR_TRUSTED;
+ } else if (reg->type & MEM_RCU) {
+ /* ptr (reg) is marked as MEM_RCU, but value reg is not marked as MEM_RCU.
+ * Mark the value reg as PTR_UNTRUSTED conservatively.
+ */
+ flag |= PTR_UNTRUSTED;
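Review bot: in the first branch, when the condition fails, `flag &= ~MEM_RCU` clears the flag and sets neither PTR_TRUSTED nor PTR_UNTRUSTED, while the `else if (reg->type & MEM_RCU)` branch marks the value PTR_UNTRUSTED; the comment does not say what trust level the value register is meant to have when it is loaded outside the bpf_rcu_read_lock() region or through a ptr reg that is neither PTR_TRUSTED nor has a ref_obj_id. Please state the intended result for that path in the comment, and fix the capitalisation in "But Mark it".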
Should PTR_UNTRUSTED tagging be limited to ret == PTR_TO_BTF_ID instead of
tagging SCALAR also?
[ ... ]
@@ -11754,6 +11840,11 @@ static int check_ld_abs(struct bpf_verifier_env *env, struct bpf_insn *insn)
return -EINVAL;
}
+ if (env->prog->aux->sleepable && env->cur_state->active_rcu_lock) {
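Review bot: the new condition `if (env->prog->aux->sleepable && env->cur_state->active_rcu_lock)` carries no comment saying why the active_rcu_lock test is gated on the program being sleepable. A short comment above the condition giving the reason would keep the sleepable gating from reading as accidental.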
I don't know the details about ld_abs :). Why is the sleepable check needed here?
Others lgtm.