bpf: Move insn_buf[16] to bpf_verifier_env (6f606ffd) · Commits · git / linux-net

include/linux/bpf_verifier.h

+3 −0

Original line number	Diff line number	Diff line
		@@ -23,6 +23,8 @@
		* (in the "-8,-16,...,-512" form)
		*/
		#define TMP_STR_BUF_LEN 320
		/* Patch buffer size */
		#define INSN_BUF_SIZE 16

		/* Liveness marks, used for registers and spilled-regs (in stack slots).
		* Read marks propagate upwards until they find a write mark; they record that
		@@ -780,6 +782,7 @@ struct bpf_verifier_env {
		* e.g., in reg_type_str() to generate reg_type string
		*/
		char tmp_str_buf[TMP_STR_BUF_LEN];
		struct bpf_insn insn_buf[INSN_BUF_SIZE];
		};

		static inline struct bpf_func_info_aux subprog_aux(struct bpf_verifier_env env, int subprog)

kernel/bpf/verifier.c

+8 −7

Original line number	Diff line number	Diff line
		@@ -19677,7 +19677,8 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
		const struct bpf_verifier_ops *ops = env->ops;
		int i, cnt, size, ctx_field_size, delta = 0;
		const int insn_cnt = env->prog->len;
		struct bpf_insn insn_buf[16], *insn;
		struct bpf_insn *insn_buf = env->insn_buf;
		struct bpf_insn *insn;
		u32 target_size, size_default, off;
		struct bpf_prog *new_prog;
		enum bpf_access_type type;
		@@ -19690,7 +19691,7 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
		}
		cnt = ops->gen_prologue(insn_buf, env->seen_direct_write,
		env->prog);
		if (cnt >= ARRAY_SIZE(insn_buf)) {
		if (cnt >= INSN_BUF_SIZE) {
		verbose(env, "bpf verifier is misconfigured\n");
		return -EINVAL;
		} else if (cnt) {
		@@ -19837,7 +19838,7 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
		target_size = 0;
		cnt = convert_ctx_access(type, insn, insn_buf, env->prog,
		&target_size);
		if (cnt == 0 \|\| cnt >= ARRAY_SIZE(insn_buf) \|\|
		if (cnt == 0 \|\| cnt >= INSN_BUF_SIZE \|\|
		(ctx_field_size && !target_size)) {
		verbose(env, "bpf verifier is misconfigured\n");
		return -EINVAL;
		@@ -19846,7 +19847,7 @@ static int convert_ctx_accesses(struct bpf_verifier_env *env)
		if (is_narrower_load && size < target_size) {
		u8 shift = bpf_ctx_narrow_access_offset(
		off, size, size_default) * 8;
		if (shift && cnt + 1 >= ARRAY_SIZE(insn_buf)) {
		if (shift && cnt + 1 >= INSN_BUF_SIZE) {
		verbose(env, "bpf verifier narrow ctx load misconfigured\n");
		return -EINVAL;
		}
		@@ -20391,7 +20392,7 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
		const int insn_cnt = prog->len;
		const struct bpf_map_ops *ops;
		struct bpf_insn_aux_data *aux;
		struct bpf_insn insn_buf[16];
		struct bpf_insn *insn_buf = env->insn_buf;
		struct bpf_prog *new_prog;
		struct bpf_map *map_ptr;
		int i, ret, cnt, delta = 0, cur_subprog = 0;
		@@ -20510,7 +20511,7 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
		(BPF_MODE(insn->code) == BPF_ABS \|\|
		BPF_MODE(insn->code) == BPF_IND)) {
		cnt = env->ops->gen_ld_abs(insn, insn_buf);
		if (cnt == 0 \|\| cnt >= ARRAY_SIZE(insn_buf)) {
		if (cnt == 0 \|\| cnt >= INSN_BUF_SIZE) {
		verbose(env, "bpf verifier is misconfigured\n");
		return -EINVAL;
		}
		@@ -20803,7 +20804,7 @@ static int do_misc_fixups(struct bpf_verifier_env *env)
		cnt = ops->map_gen_lookup(map_ptr, insn_buf);
		if (cnt == -EOPNOTSUPP)
		goto patch_map_ops_generic;
		if (cnt <= 0 \|\| cnt >= ARRAY_SIZE(insn_buf)) {
		if (cnt <= 0 \|\| cnt >= INSN_BUF_SIZE) {
		verbose(env, "bpf verifier is misconfigured\n");
		return -EINVAL;
		}