From: zhongjun <zhongjun@xxxxxxxxxxxxx>
There are too many so-called 'misconfigured' errors potentially
feed back to user-space, that make it very hard to judge on
a glance the reason a verification failure occurred.
This patch make those similar error outputs more sensitive and readible.
Signed-off-by: Jun Zhong <zhongjun@xxxxxxxxxxxxx>
base-commit: 738a96c4a8c36950803fdd27e7c30aca92dccefd
---
kernel/bpf/verifier.c | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index d517d13878cf..f19534f919c2 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -12684,7 +12684,8 @@ static int check_ld_imm(struct bpf_verifier_env *env, struct bpf_insn *insn)
dst_reg->btf_id = aux->btf_var.btf_id;
break;
default:
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: dst_reg->type = %d\n",
+ dst_reg->type);
return -EFAULT;
}
return 0;
@@ -12722,7 +12723,8 @@ static int check_ld_imm(struct bpf_verifier_env *env, struct bpf_insn *insn)
insn->src_reg == BPF_PSEUDO_MAP_IDX) {
dst_reg->type = CONST_PTR_TO_MAP;
} else {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: insn->src_reg = %d\n",
+ (int)insn->src_reg);
return -EINVAL;
}
@@ -12769,7 +12771,7 @@ static int check_ld_abs(struct bpf_verifier_env *env, struct bpf_insn *insn)
}
if (!env->ops->gen_ld_abs) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: gen_ld_abs is NULL\n");
return -EINVAL;
}
@@ -15814,13 +15816,14 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
if (ops->gen_prologue || env->seen_direct_write) {
if (!ops->gen_prologue) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: gen_prologue is NULL\n");
return -EINVAL;
}
cnt = ops->gen_prologue(insn_buf, env->seen_direct_write,
env->prog);
if (cnt >= ARRAY_SIZE(insn_buf)) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: cnt=%d exceeds limit@%lu\n",
+ cnt, ARRAY_SIZE(insn_buf));
return -EINVAL;
} else if (cnt) {
new_prog = bpf_patch_insn_data(env, 0, insn_buf, cnt);
@@ -15951,7 +15954,8 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
&target_size);
if (cnt == 0 || cnt >= ARRAY_SIZE(insn_buf) ||
(ctx_field_size && !target_size)) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: ins[%d] cnt=%d ctx_s=%u tg_s=%u\n",
+ i, cnt, ctx_field_size, target_size);
return -EINVAL;
}
@@ -16400,7 +16404,8 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
BPF_MODE(insn->code) == BPF_IND)) {
cnt = env->ops->gen_ld_abs(insn, insn_buf);
if (cnt == 0 || cnt >= ARRAY_SIZE(insn_buf)) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: cnt=%d exceeds limit@%lu\n",
+ cnt, ARRAY_SIZE(insn_buf));
return -EINVAL;
}
@@ -16647,7 +16652,8 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
if (cnt == -EOPNOTSUPP)
goto patch_map_ops_generic;
if (cnt <= 0 || cnt >= ARRAY_SIZE(insn_buf)) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: cnt=%d exceeds limit@%lu\n",
+ cnt, ARRAY_SIZE(insn_buf));
return -EINVAL;
}
@@ -16848,7 +16854,7 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
if (!map_ptr->ops->map_poke_track ||
!map_ptr->ops->map_poke_untrack ||
!map_ptr->ops->map_poke_run) {
- verbose(env, "bpf verifier is misconfigured\n");
+ verbose(env, "bpf verifier is misconfigured: map_poke_xxx is NULL\n");
return -EINVAL;
}
--
2.20.1
