From: Alexei Starovoitov <ast@xxxxxxxxxxxx> Date: Thu, 13 Nov 2014 17:36:49 -0800 > +static u64 bpf_map_lookup_elem(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5) > +{ > + /* verifier checked that R1 contains a valid pointer to bpf_map > + * and R2 points to a program stack and map->key_size bytes were > + * initialized > + */ > + struct bpf_map *map = (struct bpf_map *) (unsigned long) r1; > + void *key = (void *) (unsigned long) r2; > + void *value; > + > + WARN_ON_ONCE(!rcu_read_lock_held()); > + > + value = map->ops->map_lookup_elem(map, key); > + > + /* lookup() returns either pointer to element value or NULL > + * which is the meaning of PTR_TO_MAP_VALUE_OR_NULL type > + */ > + return (unsigned long) value; > +} You should translate this into a true boolean '1' or '0' value so that kernel pointers don't propagate to the user or his eBPF programs. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html