kernel/bpf/verifier.c:8221:12: warning: stack frame size (2144) exceeds limit (2048) in 'check_kfunc_args'

From: kernel test robot
Date: Thu Jun 08 2023 - 14:51:50 EST


Hi Kumar,

First bad commit (may not be the root cause):

tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 5f63595ebd82f56a2dd36ca013dd7f5ff2e2416a
commit: ac9f06050a3580cf4076a57a470cd71f12a81171 bpf: Introduce bpf_obj_drop
date: 7 months ago
config: riscv-randconfig-r012-20230608 (https://download.01.org/0day-ci/archive/20230609/202306090228.JIljoJa6-lkp@xxxxxxxxx/config)
compiler: clang version 14.0.6 (https://github.com/llvm/llvm-project.git f28c006a5895fc0e329fe15fead81e37457cb1d1)
reproduce (this is a W=1 build):
# Reproduction recipe from the report: fetch the cross-build wrapper, check out
# the flagged commit, then build with the robot's config.
mkdir -p ~/bin
# make.cross is downloaded from the lkp-tests master branch, with no pinned
# commit or checksum, and is executed by the two build commands below. Read it,
# or fetch a revision you have reviewed, before running it.
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ac9f06050a3580cf4076a57a470cd71f12a81171
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
# Check out the commit the report names as the first bad commit.
git checkout ac9f06050a3580cf4076a57a470cd71f12a81171
# save the config file
# (presumably the file behind the "config:" link in the report; it must already
# be in the current directory as "config")
mkdir build_dir && cp config build_dir/.config
# Regenerate the config for riscv, then build only the three directories listed.
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang ~/bin/make.cross W=1 O=build_dir ARCH=riscv olddefconfig
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang ~/bin/make.cross W=1 O=build_dir ARCH=riscv SHELL=/bin/bash fs/f2fs/ kernel/bpf/ lib/zstd/

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-kbuild-all/202306090228.JIljoJa6-lkp@xxxxxxxxx/

All warnings (new ones prefixed by >>):

kernel/bpf/verifier.c:14822:12: warning: stack frame size (3024) exceeds limit (2048) in 'do_misc_fixups' [-Wframe-larger-than]
static int do_misc_fixups(struct bpf_verifier_env *env)
^
kernel/bpf/verifier.c:13035:12: warning: stack frame size (3280) exceeds limit (2048) in 'do_check' [-Wframe-larger-than]
static int do_check(struct bpf_verifier_env *env)
^
>> kernel/bpf/verifier.c:8221:12: warning: stack frame size (2144) exceeds limit (2048) in 'check_kfunc_args' [-Wframe-larger-than]
static int check_kfunc_args(struct bpf_verifier_env *env, struct bpf_kfunc_call_arg_meta *meta)
^
3 warnings generated.


vim +/check_kfunc_args +8221 kernel/bpf/verifier.c

00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8220
/*
 * The un-prefixed comment blocks in this listing are reviewer annotations;
 * they are not part of kernel/bpf/verifier.c.
 *
 * check_kfunc_args() - match each parameter of a kfunc's BTF prototype
 * (meta->func_proto) against the register state the verifier tracks for the
 * corresponding argument register (parameter i is checked against regs[i + 1]).
 *
 * Returns 0 when every argument is accepted; -EINVAL when an argument does
 * not match; -EFAULT on the "verifier internal error" paths and the switch
 * default; otherwise the negative value returned by a helper it calls.
 * Along the way it fills in meta->arg_constant, meta->r0_rdonly,
 * meta->r0_size, meta->ref_obj_id, meta->release_regno and
 * meta->arg_obj_drop.
 *
 * NOTE(review): the locals declared here are a few pointers and integers,
 * so the 2144-byte frame in the warning is presumably produced by callees
 * the compiler inlined under this randconfig - confirm with the config
 * before restructuring the function.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 @8221 static int check_kfunc_args(struct bpf_verifier_env *env, struct bpf_kfunc_call_arg_meta *meta)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8222 {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8223 const char *func_name = meta->func_name, *ref_tname;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8224 const struct btf *btf = meta->btf;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8225 const struct btf_param *args;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8226 u32 i, nargs;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8227 int ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8228
/*
 * Reject prototypes with more parameters than MAX_BPF_FUNC_REG_ARGS before
 * the loop below indexes regs[i + 1].
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8229 args = (const struct btf_param *)(meta->func_proto + 1);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8230 nargs = btf_type_vlen(meta->func_proto);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8231 if (nargs > MAX_BPF_FUNC_REG_ARGS) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8232 verbose(env, "Function %s has %d > %d args\n", func_name, nargs,
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8233 MAX_BPF_FUNC_REG_ARGS);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8234 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8235 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8236
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8237 /* Check that BTF function arguments match actual types that the
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8238 * verifier sees.
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8239 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8240 for (i = 0; i < nargs; i++) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8241 struct bpf_reg_state *regs = cur_regs(env), *reg = &regs[i + 1];
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8242 const struct btf_type *t, *ref_t, *resolve_ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8243 enum bpf_arg_type arg_type = ARG_DONTCARE;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8244 u32 regno = i + 1, ref_id, type_size;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8245 bool is_ret_buf_sz = false;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8246 int kf_arg_type;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8247
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8248 t = btf_type_skip_modifiers(btf, args[i].type, NULL);
958cf2e273f0929 Kumar Kartikeya Dwivedi 2022-11-18 8249
/* Parameters that is_kfunc_arg_ignore() accepts get no checks at all. */
958cf2e273f0929 Kumar Kartikeya Dwivedi 2022-11-18 8250 if (is_kfunc_arg_ignore(btf, &args[i]))
958cf2e273f0929 Kumar Kartikeya Dwivedi 2022-11-18 8251 continue;
958cf2e273f0929 Kumar Kartikeya Dwivedi 2022-11-18 8252
/* Scalar parameter: the register must hold SCALAR_VALUE. */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8253 if (btf_type_is_scalar(t)) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8254 if (reg->type != SCALAR_VALUE) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8255 verbose(env, "R%d is not a scalar\n", regno);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8256 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8257 }
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8258
/*
 * At most one constant argument per call: its register must be a known
 * constant (tnum_is_const), and the value is recorded in meta->arg_constant.
 */
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8259 if (is_kfunc_arg_constant(meta->btf, &args[i])) {
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8260 if (meta->arg_constant.found) {
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8261 verbose(env, "verifier internal error: only one constant argument permitted\n");
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8262 return -EFAULT;
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8263 }
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8264 if (!tnum_is_const(reg->var_off)) {
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8265 verbose(env, "R%d must be a known constant\n", regno);
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8266 return -EINVAL;
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8267 }
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8268 ret = mark_chain_precision(env, regno);
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8269 if (ret < 0)
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8270 return ret;
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8271 meta->arg_constant.found = true;
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8272 meta->arg_constant.value = reg->var_off.value;
a50388dbb328a42 Kumar Kartikeya Dwivedi 2022-11-18 8273 } else if (is_kfunc_arg_scalar_with_name(btf, &args[i], "rdonly_buf_size")) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8274 meta->r0_rdonly = true;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8275 is_ret_buf_sz = true;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8276 } else if (is_kfunc_arg_scalar_with_name(btf, &args[i], "rdwr_buf_size")) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8277 is_ret_buf_sz = true;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8278 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8279
/*
 * A rdonly_buf_size/rdwr_buf_size argument supplies meta->r0_size and must
 * be a known constant; a second such argument is rejected.
 * NOTE(review): the "2 or more ..." verbose() string has no trailing
 * newline, unlike the other messages in this function.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8280 if (is_ret_buf_sz) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8281 if (meta->r0_size) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8282 verbose(env, "2 or more rdonly/rdwr_buf_size parameters for kfunc");
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8283 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8284 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8285
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8286 if (!tnum_is_const(reg->var_off)) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8287 verbose(env, "R%d is not a const\n", regno);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8288 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8289 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8290
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8291 meta->r0_size = reg->var_off.value;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8292 ret = mark_chain_precision(env, regno);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8293 if (ret)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8294 return ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8295 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8296 continue;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8297 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8298
/* Anything that is neither scalar nor pointer is rejected outright. */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8299 if (!btf_type_is_ptr(t)) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8300 verbose(env, "Unrecognized arg#%d type %s\n", i, btf_type_str(t));
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8301 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8302 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8303
/*
 * Referenced register: remember its ref_obj_id and, for a release kfunc,
 * which register is being released. A release kfunc that already recorded
 * a ref_obj_id from an earlier argument is treated as an internal error.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8304 if (reg->ref_obj_id) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8305 if (is_kfunc_release(meta) && meta->ref_obj_id) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8306 verbose(env, "verifier internal error: more than one arg with ref_obj_id R%d %u %u\n",
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8307 regno, reg->ref_obj_id,
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8308 meta->ref_obj_id);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8309 return -EFAULT;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8310 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8311 meta->ref_obj_id = reg->ref_obj_id;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8312 if (is_kfunc_release(meta))
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8313 meta->release_regno = regno;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8314 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8315
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8316 ref_t = btf_type_skip_modifiers(btf, t->type, &ref_id);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8317 ref_tname = btf_name_by_offset(btf, ref_t->name_off);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8318
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8319 kf_arg_type = get_kfunc_ptr_arg_type(env, meta, t, ref_t, ref_tname, args, i, nargs);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8320 if (kf_arg_type < 0)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8321 return kf_arg_type;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8322
/*
 * First pass over kf_arg_type: decide whether check_func_arg_reg_off() is
 * called with OBJ_RELEASE. For a trusted-args kfunc, a BTF-ID pointer must
 * be referenced and then falls through to the same setting as a ctx pointer.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8323 switch (kf_arg_type) {
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8324 case KF_ARG_PTR_TO_ALLOC_BTF_ID:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8325 case KF_ARG_PTR_TO_BTF_ID:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8326 if (!is_kfunc_trusted_args(meta))
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8327 break;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8328 if (!reg->ref_obj_id) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8329 verbose(env, "R%d must be referenced\n", regno);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8330 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8331 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8332 fallthrough;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8333 case KF_ARG_PTR_TO_CTX:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8334 /* Trusted arguments have the same offset checks as release arguments */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8335 arg_type |= OBJ_RELEASE;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8336 break;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8337 case KF_ARG_PTR_TO_KPTR:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8338 case KF_ARG_PTR_TO_DYNPTR:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8339 case KF_ARG_PTR_TO_MEM:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8340 case KF_ARG_PTR_TO_MEM_SIZE:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8341 /* Trusted by default */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8342 break;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8343 default:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8344 WARN_ON_ONCE(1);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8345 return -EFAULT;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8346 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8347
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8348 if (is_kfunc_release(meta) && reg->ref_obj_id)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8349 arg_type |= OBJ_RELEASE;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8350 ret = check_func_arg_reg_off(env, reg, regno, arg_type);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8351 if (ret < 0)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8352 return ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8353
/* Second pass: per-kind checks of what the register actually holds. */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8354 switch (kf_arg_type) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8355 case KF_ARG_PTR_TO_CTX:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8356 if (reg->type != PTR_TO_CTX) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8357 verbose(env, "arg#%d expected pointer to ctx, but got %s\n", i, btf_type_str(t));
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8358 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8359 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8360 break;
/*
 * Per the blame column, this case is what the flagged commit ac9f06050a3580c
 * added to the function. The register type must be exactly
 * PTR_TO_BTF_ID | MEM_ALLOC and the register must be referenced; for
 * bpf_obj_drop_impl the object's btf and btf_id are saved in
 * meta->arg_obj_drop.
 */
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8361 case KF_ARG_PTR_TO_ALLOC_BTF_ID:
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8362 if (reg->type != (PTR_TO_BTF_ID | MEM_ALLOC)) {
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8363 verbose(env, "arg#%d expected pointer to allocated object\n", i);
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8364 return -EINVAL;
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8365 }
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8366 if (!reg->ref_obj_id) {
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8367 verbose(env, "allocated object must be referenced\n");
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8368 return -EINVAL;
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8369 }
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8370 if (meta->btf == btf_vmlinux &&
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8371 meta->func_id == special_kfunc_list[KF_bpf_obj_drop_impl]) {
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8372 meta->arg_obj_drop.btf = reg->btf;
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8373 meta->arg_obj_drop.btf_id = reg->btf_id;
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8374 }
ac9f06050a3580c Kumar Kartikeya Dwivedi 2022-11-18 8375 break;
/*
 * NOTE(review): this message hard-codes "arg#0" while the other cases print
 * i - presumably this kind only occurs as the first argument; confirm.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8376 case KF_ARG_PTR_TO_KPTR:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8377 if (reg->type != PTR_TO_MAP_VALUE) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8378 verbose(env, "arg#0 expected pointer to map value\n");
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8379 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8380 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8381 ret = process_kf_arg_ptr_to_kptr(env, reg, ref_t, ref_tname, meta, i);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8382 if (ret < 0)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8383 return ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8384 break;
/*
 * A dynptr argument must be a stack pointer that passes both
 * is_dynptr_reg_valid_init() and is_dynptr_type_expected() for
 * ARG_PTR_TO_DYNPTR | DYNPTR_TYPE_LOCAL.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8385 case KF_ARG_PTR_TO_DYNPTR:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8386 if (reg->type != PTR_TO_STACK) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8387 verbose(env, "arg#%d expected pointer to stack\n", i);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8388 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8389 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8390
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8391 if (!is_dynptr_reg_valid_init(env, reg)) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8392 verbose(env, "arg#%d pointer type %s %s must be valid and initialized\n",
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8393 i, btf_type_str(ref_t), ref_tname);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8394 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8395 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8396
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8397 if (!is_dynptr_type_expected(env, reg, ARG_PTR_TO_DYNPTR | DYNPTR_TYPE_LOCAL)) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8398 verbose(env, "arg#%d pointer type %s %s points to unsupported dynamic pointer type\n",
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8399 i, btf_type_str(ref_t), ref_tname);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8400 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8401 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8402 break;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8403 case KF_ARG_PTR_TO_BTF_ID:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8404 /* Only base_type is checked, further checks are done here */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8405 if (reg->type != PTR_TO_BTF_ID &&
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8406 (!reg2btf_ids[base_type(reg->type)] || type_flag(reg->type))) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8407 verbose(env, "arg#%d expected pointer to btf or socket\n", i);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8408 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8409 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8410 ret = process_kf_arg_ptr_to_btf_id(env, reg, ref_t, ref_tname, ref_id, meta, i);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8411 if (ret < 0)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8412 return ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8413 break;
/*
 * Fixed-size memory: the pointee size is resolved from BTF and the register
 * is checked against that size with check_mem_reg().
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8414 case KF_ARG_PTR_TO_MEM:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8415 resolve_ret = btf_resolve_size(btf, ref_t, &type_size);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8416 if (IS_ERR(resolve_ret)) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8417 verbose(env, "arg#%d reference type('%s %s') size cannot be determined: %ld\n",
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8418 i, btf_type_str(ref_t), ref_tname, PTR_ERR(resolve_ret));
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8419 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8420 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8421 ret = check_mem_reg(env, reg, regno, type_size);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8422 if (ret < 0)
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8423 return ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8424 break;
/*
 * Memory + length pair: the length is taken from the next argument register,
 * regs[regno + 1], and that parameter is then skipped with i++.
 * NOTE(review): nothing here re-checks i + 1 < nargs; presumably
 * get_kfunc_ptr_arg_type(), which receives args, i and nargs, only returns
 * this kind when a following size parameter exists - confirm.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8425 case KF_ARG_PTR_TO_MEM_SIZE:
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8426 ret = check_kfunc_mem_size_reg(env, &regs[regno + 1], regno + 1);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8427 if (ret < 0) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8428 verbose(env, "arg#%d arg#%d memory, len pair leads to invalid memory access\n", i, i + 1);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8429 return ret;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8430 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8431 /* Skip next '__sz' argument */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8432 i++;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8433 break;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8434 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8435 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8436
/*
 * A release kfunc must have seen a referenced argument in the loop above;
 * otherwise release_regno was never set and the call is rejected.
 */
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8437 if (is_kfunc_release(meta) && !meta->release_regno) {
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8438 verbose(env, "release kernel function %s expects refcounted PTR_TO_BTF_ID\n",
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8439 func_name);
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8440 return -EINVAL;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8441 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8442
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8443 return 0;
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8444 }
00b85860feb8098 Kumar Kartikeya Dwivedi 2022-11-18 8445

:::::: The code at line 8221 was first introduced by commit
:::::: 00b85860feb809852af9a88cb4ca8766d7dff6a3 bpf: Rewrite kfunc argument handling

:::::: TO: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
:::::: CC: Alexei Starovoitov <ast@xxxxxxxxxx>

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki