Re: [PATCH bpf-next v9 02/23] bpf/verifier: do not clear meta in check_mem_size

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 24 Aug 2022 at 15:41, Benjamin Tissoires
<benjamin.tissoires@xxxxxxxxxx> wrote:
>
> The purpose of this clear is to prevent meta->raw_mode to be evaluated
> at true, but this also prevents to forward any other data to the other
> callees.
>
> Only switch back raw_mode to false so we don't entirely clear meta.
>
> Acked-by: Yonghong Song <yhs@xxxxxx>
> Signed-off-by: Benjamin Tissoires <benjamin.tissoires@xxxxxxxxxx>
>
> ---
>
> no changes in v9
>
> no changes in v8
>
> no changes in v7
>
> new in v6
> ---
>  kernel/bpf/verifier.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index d694f43ab911..13190487fb12 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -5287,7 +5287,7 @@ static int check_mem_size_reg(struct bpf_verifier_env *env,
>                  * initialize all the memory that the helper could
>                  * just partially fill up.
>                  */
> -               meta = NULL;
> +               meta->raw_mode = false;

But this is adding a side effect, the caller's meta->raw_mode becomes
false, which the caller may not expect...

>
>         if (reg->smin_value < 0) {
>                 verbose(env, "R%d min value is negative, either use unsigned or 'var &= const'\n",
> --
> 2.36.1
>



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux