• Lorenz Bauer's avatar
    bpf: Override the meaning of ARG_PTR_TO_MAP_VALUE for sockmap and sockhash · 912f442c
    Lorenz Bauer authored
    The verifier assumes that map values are simple blobs of memory, and
    therefore treats ARG_PTR_TO_MAP_VALUE, etc. as such. However, there are
    map types where this isn't true. For example, sockmap and sockhash store
    sockets. In general this isn't a big problem: we can just
    write helpers that explicitly requests PTR_TO_SOCKET instead of
    ARG_PTR_TO_MAP_VALUE.
    
    The one exception are the standard map helpers like map_update_elem,
    map_lookup_elem, etc. Here it would be nice we could overload the
    function prototype for different kinds of maps. Unfortunately, this
    isn't entirely straight forward:
    We only know the type of the map once we have resolved meta->map_ptr
    in check_func_arg. This means we can't swap out the prototype
    in check_helper_call until we're half way through the function.
    
    Instead, modify check_func_arg to treat ARG_PTR_TO_MAP_VALUE to
    mean "the native type for the map" instead of "pointer to memory"
    for sockmap and sockhash. This means we don't have to modify the
    function prototype at all
    Signed-off-by: default avatarLorenz Bauer <lmb@cloudflare.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    Acked-by: default avatarYonghong Song <yhs@fb.com>
    Link: https://lore.kernel.org/bpf/20200821102948.21918-5-lmb@cloudflare.com
    912f442c
verifier.c 324 KB