Re: [PATCH bpf-next v2 1/4] bpf: Remove duplicate PTR_TO_BTF_ID RO check

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 17 Aug 2022 at 20:43, Daniel Xu <dxu@xxxxxxxxx> wrote:
>
> Since commit 27ae7997a661 ("bpf: Introduce BPF_PROG_TYPE_STRUCT_OPS")
> there has existed bpf_verifier_ops:btf_struct_access. When
> btf_struct_access is _unset_ for a prog type, the verifier runs the
> default implementation, which is to enforce read only:
>
>         if (env->ops->btf_struct_access) {
>                 [...]
>         } else {
>                 if (atype != BPF_READ) {
>                         verbose(env, "only read is supported\n");
>                         return -EACCES;
>                 }
>
>                 [...]
>         }
>
> When btf_struct_access is _set_, the expectation is that
> btf_struct_access has full control over accesses, including if writes
> are allowed.
>
> Rather than carve out an exception for each prog type that may write to
> BTF ptrs, delete the redundant check and give full control to
> btf_struct_access.
>
> Signed-off-by: Daniel Xu <dxu@xxxxxxxxx>
> ---

Acked-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>



[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux