• Daniel Borkmann's avatar
    bpf: fix loading of BPF_MAXINSNS sized programs · ef0915ca
    Daniel Borkmann authored
    General assumption is that single program can hold up to BPF_MAXINSNS,
    that is, 4096 number of instructions. It is the case with cBPF and
    that limit was carried over to eBPF. When recently testing digest, I
    noticed that it's actually not possible to feed 4096 instructions
    via bpf(2).
    
    The check for > BPF_MAXINSNS was added back then to bpf_check() in
    cbd35700 ("bpf: verifier (add ability to receive verification log)").
    However, 09756af4 ("bpf: expand BPF syscall with program load/unload")
    added yet another check that comes before that into bpf_prog_load(),
    but this time bails out already in case of >= BPF_MAXINSNS.
    
    Fix it up and perform the check early in bpf_prog_load(), so we can drop
    the second one in bpf_check(). It makes sense, because also a 0 insn
    program is useless and we don't want to waste any resources doing work
    up to bpf_check() point. The existing bpf(2) man page documents E2BIG
    as the official error for such cases, so just stick with it as well.
    
    Fixes: 09756af4 ("bpf: expand BPF syscall with program load/unload")
    Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
    Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    ef0915ca
syscall.c 22.9 KB