Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage()... | netdev

[PATCH v4 bpf-next 00/14] bpf: cgroup local storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 03/14] bpf: pass a pointer to a cgroup storage using pcpu variable · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 07/14] bpf: don't allow create maps of cgroup local storages · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 12/14] selftests/bpf: add verifier cgroup storage tests · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 14/14] samples/bpf: extend test_cgrp2_attach2 test to use cgroup storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 05/14] bpf: extend bpf_prog_array to store pointers to the cgroup storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 13/14] selftests/bpf: add a cgroup storage test · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Roman Gushchin <hidden> · 2018-07-27
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Daniel Borkmann <daniel@iogearbox.net> · 2018-07-31
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Roman Gushchin <hidden> · 2018-07-31
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Daniel Borkmann <daniel@iogearbox.net> · 2018-07-31
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Roman Gushchin <hidden> · 2018-08-01
Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function · Daniel Borkmann <daniel@iogearbox.net> · 2018-08-01
[PATCH v4 bpf-next 10/14] bpftool: add support for CGROUP_STORAGE maps · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 09/14] bpf: sync bpf.h to tools/ · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 06/14] bpf/verifier: introduce BPF_PTR_TO_MAP_VALUE · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 04/14] bpf: allocate cgroup storage entries on attaching bpf programs · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 11/14] bpf/test_run: support cgroup local storage · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 02/14] bpf: introduce cgroup storage maps · Roman Gushchin <hidden> · 2018-07-27
[PATCH v4 bpf-next 01/14] bpf: add ability to charge bpf maps memory dynamically · Roman Gushchin <hidden> · 2018-07-27

Re: [PATCH v4 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function

From: Daniel Borkmann <daniel@iogearbox.net>
Date: 2018-07-31 22:50:28
Also in: lkml

On 07/27/2018 11:52 PM, Roman Gushchin wrote:
[...]

quoted hunk ↗ jump to hunk

@@ -2533,6 +2541,16 @@ static int check_helper_call(struct bpf_verifier_env *env, int func_id, int insn
 	}
 
 	regs = cur_regs(env);
+
+	/* check that flags argument in get_local_storage(map, flags) is 0,
+	 * this is required because get_local_storage() can't return an error.
+	 */
+	if (func_id == BPF_FUNC_get_local_storage &&
+	    !tnum_equals_const(regs[BPF_REG_2].var_off, 0)) {
+		verbose(env, "get_local_storage() doesn't support non-zero flags\n");
+		return -EINVAL;
+	}

Hmm, this check is actually not correct. You will still be able to pass non-zero
values in there. arg2_type from the helper is ARG_ANYTHING, so the register type
could for example be one of the pointer types and it will still pass the verifier.
The correct way to check would be to use register_is_null().

+
 	/* reset caller saved regs */
 	for (i = 0; i < CALLER_SAVED_REGS; i++) {
 		mark_reg_not_init(env, regs, caller_saved[i]);

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help