[PATCH v4 bpf-next 06/14] bpf/verifier: introduce BPF_PTR_TO_MAP_VALUE

[PATCH v4 bpf-next 00/14] bpf: cgroup local storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 03/14] bpf: pass a pointer to a cgroup storage using pcpu variable · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 07/14] bpf: don't allow create maps of cgroup local storages · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 12/14] selftests/bpf: add verifier cgroup storage tests · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 14/14] samples/bpf: extend test_cgrp2_attach2 test to use cgroup storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 05/14] bpf: extend bpf_prog_array to store pointers to the cgroup storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 13/14] selftests/bpf: add a cgroup storage test · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Roman Gushchin <hidden> · 2018-07-27
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Daniel Borkmann <daniel@iogearbox.net> · 2018-07-31
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Roman Gushchin <hidden> · 2018-07-31
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Daniel Borkmann <daniel@iogearbox.net> · 2018-07-31
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Roman Gushchin <hidden> · 2018-08-01
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Daniel Borkmann <daniel@iogearbox.net> · 2018-08-01
[PATCH v4 bpf-next 10/14] bpftool: add support for CGROUP_STORAGE maps · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 09/14] bpf: sync bpf.h to tools/ · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 06/14] bpf/verifier: introduce BPF_PTR_TO_MAP_VALUE · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 04/14] bpf: allocate cgroup storage entries on attaching bpf programs · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 11/14] bpf/test_run: support cgroup local storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 02/14] bpf: introduce cgroup storage maps · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 01/14] bpf: add ability to charge bpf maps memory dynamically · Roman Gushchin <hidden> · 2018-07-27

From: Roman Gushchin <hidden>
Date: 2018-07-27 21:54:33
Also in: lkml
Subsystem: bpf [core], bpf [general] (safe dynamic programs and tools), the rest · Maintainers: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Eduard Zingerman, Kumar Kartikeya Dwivedi, Linus Torvalds

BPF_MAP_TYPE_CGROUP_STORAGE maps are special in a way
that the access from the bpf program side is lookup-free.
That means the result is guaranteed to be a valid
pointer to the cgroup storage; no NULL-check is required.

This patch introduces BPF_PTR_TO_MAP_VALUE return type,
which is required to cause the verifier accept programs,
which are not checking the map value pointer for being NULL.

Signed-off-by: Roman Gushchin <redacted>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <redacted>
---
 include/linux/bpf.h   | 1 +
 kernel/bpf/verifier.c | 8 ++++++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 16be67888c30..ca4ac2a39def 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h

@@ -155,6 +155,7 @@ enum bpf_arg_type {
 enum bpf_return_type {
 	RET_INTEGER,			/* function returns integer */
 	RET_VOID,			/* function doesn't return anything */
+	RET_PTR_TO_MAP_VALUE,		/* returns a pointer to map elem value */
 	RET_PTR_TO_MAP_VALUE_OR_NULL,	/* returns a pointer to map elem value or NULL */
 };

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 11d3669bf854..1d8d50b6a73d 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c

@@ -2545,8 +2545,12 @@ static int check_helper_call(struct bpf_verifier_env *env, int func_id, int insn
 		mark_reg_unknown(env, regs, BPF_REG_0);
 	} else if (fn->ret_type == RET_VOID) {
 		regs[BPF_REG_0].type = NOT_INIT;
-	} else if (fn->ret_type == RET_PTR_TO_MAP_VALUE_OR_NULL) {
-		regs[BPF_REG_0].type = PTR_TO_MAP_VALUE_OR_NULL;
+	} else if (fn->ret_type == RET_PTR_TO_MAP_VALUE_OR_NULL ||
+		   fn->ret_type == RET_PTR_TO_MAP_VALUE) {
+		if (fn->ret_type == RET_PTR_TO_MAP_VALUE)
+			regs[BPF_REG_0].type = PTR_TO_MAP_VALUE;
+		else
+			regs[BPF_REG_0].type = PTR_TO_MAP_VALUE_OR_NULL;
 		/* There is no offset yet applied, variable or fixed */
 		mark_reg_known_zero(env, regs, BPF_REG_0);
 		regs[BPF_REG_0].off = 0;

-- 
2.14.4

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help