Commit b63cbc49 authored by Andrii Nakryiko's avatar Andrii Nakryiko Committed by Martin KaFai Lau

bpf: remember meta->iter info only for initialized iters

For iter_new() functions iterator state's slot might not be yet
initialized, in which case iter_get_spi() will return -ERANGE. This is
expected and is handled properly. But for iter_next() and iter_destroy()
cases iter slot is supposed to be initialized and correct, so -ERANGE is
not possible.

Move meta->iter.{spi,frameno} initialization into iter_next/iter_destroy
handling branch to make it more explicit that valid information will be
remembered in meta->iter block for subsequent use in process_iter_next_call(),
avoiding confusingly looking -ERANGE assignment for meta->iter.spi.
Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/r/20230322232502.836171-1-andrii@kernel.org
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
parent 1a3148fc
...@@ -6778,13 +6778,6 @@ static int process_iter_arg(struct bpf_verifier_env *env, int regno, int insn_id ...@@ -6778,13 +6778,6 @@ static int process_iter_arg(struct bpf_verifier_env *env, int regno, int insn_id
t = btf_type_skip_modifiers(meta->btf, t->type, &btf_id); /* STRUCT */ t = btf_type_skip_modifiers(meta->btf, t->type, &btf_id); /* STRUCT */
nr_slots = t->size / BPF_REG_SIZE; nr_slots = t->size / BPF_REG_SIZE;
spi = iter_get_spi(env, reg, nr_slots);
if (spi < 0 && spi != -ERANGE)
return spi;
meta->iter.spi = spi;
meta->iter.frameno = reg->frameno;
if (is_iter_new_kfunc(meta)) { if (is_iter_new_kfunc(meta)) {
/* bpf_iter_<type>_new() expects pointer to uninit iter state */ /* bpf_iter_<type>_new() expects pointer to uninit iter state */
if (!is_iter_reg_valid_uninit(env, reg, nr_slots)) { if (!is_iter_reg_valid_uninit(env, reg, nr_slots)) {
...@@ -6811,10 +6804,17 @@ static int process_iter_arg(struct bpf_verifier_env *env, int regno, int insn_id ...@@ -6811,10 +6804,17 @@ static int process_iter_arg(struct bpf_verifier_env *env, int regno, int insn_id
return -EINVAL; return -EINVAL;
} }
spi = iter_get_spi(env, reg, nr_slots);
if (spi < 0)
return spi;
err = mark_iter_read(env, reg, spi, nr_slots); err = mark_iter_read(env, reg, spi, nr_slots);
if (err) if (err)
return err; return err;
/* remember meta->iter info for process_iter_next_call() */
meta->iter.spi = spi;
meta->iter.frameno = reg->frameno;
meta->ref_obj_id = iter_ref_obj_id(env, reg, spi); meta->ref_obj_id = iter_ref_obj_id(env, reg, spi);
if (is_iter_destroy_kfunc(meta)) { if (is_iter_destroy_kfunc(meta)) {
......
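Review bot: The relocated assignments in the second hunk leave `meta->iter.spi` and `meta->iter.frameno` unset on the `is_iter_new_kfunc(meta)` path, and nothing visible records that they are valid only for the next/destroy kfuncs. How `meta` is initialised is outside these hunks; if it is zeroed, the stale value would presumably look like an ordinary slot index rather than an error, so a later verifier check that reads `meta->iter` without first testing the kfunc kind would track the wrong stack slot without noticing. I would state the contract in the new comment, e.g. `/* remember meta->iter info for process_iter_next_call(); left unset for bpf_iter_<type>_new(), so read it only for next/destroy */`. The body of process_iter_arg() starts and ends outside both hunks, so this is based on the visible lines only.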