bpf: Verifier, refine 32bit bound in do_refine_retval_range

Further refine return values range in do_refine_retval_range by noting these are int return types (We will assume here that int is a 32-bit type). Two reasons to pull this out of original patch. First it makes the original fix impossible to backport. And second I've not seen this as being problematic in practice unlike the other case. Fixes: 849fa506 ("bpf/verifier: refine retval R0 state for bpf_get_stack helper") Signed-off-by: N John Fastabend <john.fastabend@gmail.com> Signed-off-by: N Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/158560421952.10843.12496354931526965046.stgit@john-Precision-5820-Tower

bpf: Verifier, refine 32bit bound in do_refine_retval_range
Further refine return values range in do_refine_retval_range by noting these are int return types (We will assume here that int is a 32-bit type). Two reasons to pull this out of original patch. First it makes the original fix impossible to backport. And second I've not seen this as being problematic in practice unlike the other case. Fixes: 849fa506 ("bpf/verifier: refine retval R0 state for bpf_get_stack helper") Signed-off-by: N John Fastabend <john.fastabend@gmail.com> Signed-off-by: N Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/158560421952.10843.12496354931526965046.stgit@john-Precision-5820-Tower
fa123ac0 · John Fastabend · Alexei Starovoitov · 3f50f132 · fa123ac0
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

kernel/bpf/verifier.c kernel/bpf/verifier.c +1 -0

未找到文件。
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -4335,6 +4335,7 @@ static void do_refine_retval_range(struct bpf_reg_state *regs, int ret_type,
 		return;

 	ret_reg->smax_value = meta->msize_max_value;
+	ret_reg->s32_max_value = meta->msize_max_value;
 	__reg_deduce_bounds(ret_reg);
 	__reg_bound_offset(ret_reg);
 	__update_reg_bounds(ret_reg);