| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 29 May 2021 13:36:40 +0800
From: kernel test robot <lkp@...el.com>
To: Brendan Jackman <jackmanb@...gle.com>
Cc: kbuild-all@...ts.01.org, clang-built-linux@...glegroups.com,
linux-kernel@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>
Subject: kernel/bpf/verifier.c:11541:12: warning: stack frame size of 2176
bytes in function 'do_misc_fixups'
Hi Brendan,
FYI, the error/warning still remains.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 6799d4f2da496cab9b3fd26283a8ce3639b1a88d
commit: e6ac593372aadacc14e02b198e4a1acfef1db595 bpf: Rename fixup_bpf_calls and add some comments
date: 3 months ago
config: powerpc64-randconfig-r036-20210529 (attached as .config)
compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project bc6799f2f79f0ae87e9f1ebf9d25ba799fbd25a9)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install powerpc64 cross compiling tool for clang build
# apt-get install binutils-powerpc64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6ac593372aadacc14e02b198e4a1acfef1db595
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e6ac593372aadacc14e02b198e4a1acfef1db595
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=powerpc64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
All warnings (new ones prefixed by >>):
__do_insb
^
arch/powerpc/include/asm/io.h:556:56: note: expanded from macro '__do_insb'
#define __do_insb(p, b, n) readsb((PCI_IO_ADDR)_IO_BASE+(p), (b), (n))
~~~~~~~~~~~~~~~~~~~~~^
In file included from kernel/bpf/verifier.c:12:
In file included from include/linux/bpf_verifier.h:9:
In file included from include/linux/filter.h:13:
In file included from include/linux/skbuff.h:31:
In file included from include/linux/dma-mapping.h:10:
In file included from include/linux/scatterlist.h:9:
In file included from arch/powerpc/include/asm/io.h:619:
arch/powerpc/include/asm/io-defs.h:45:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
DEF_PCI_AC_NORET(insw, (unsigned long p, void *b, unsigned long c),
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
__do_##name al; \
^~~~~~~~~~~~~~
<scratch space>:17:1: note: expanded from here
__do_insw
^
arch/powerpc/include/asm/io.h:557:56: note: expanded from macro '__do_insw'
#define __do_insw(p, b, n) readsw((PCI_IO_ADDR)_IO_BASE+(p), (b), (n))
~~~~~~~~~~~~~~~~~~~~~^
In file included from kernel/bpf/verifier.c:12:
In file included from include/linux/bpf_verifier.h:9:
In file included from include/linux/filter.h:13:
In file included from include/linux/skbuff.h:31:
In file included from include/linux/dma-mapping.h:10:
In file included from include/linux/scatterlist.h:9:
In file included from arch/powerpc/include/asm/io.h:619:
arch/powerpc/include/asm/io-defs.h:47:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
DEF_PCI_AC_NORET(insl, (unsigned long p, void *b, unsigned long c),
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
__do_##name al; \
^~~~~~~~~~~~~~
<scratch space>:19:1: note: expanded from here
__do_insl
^
arch/powerpc/include/asm/io.h:558:56: note: expanded from macro '__do_insl'
#define __do_insl(p, b, n) readsl((PCI_IO_ADDR)_IO_BASE+(p), (b), (n))
~~~~~~~~~~~~~~~~~~~~~^
In file included from kernel/bpf/verifier.c:12:
In file included from include/linux/bpf_verifier.h:9:
In file included from include/linux/filter.h:13:
In file included from include/linux/skbuff.h:31:
In file included from include/linux/dma-mapping.h:10:
In file included from include/linux/scatterlist.h:9:
In file included from arch/powerpc/include/asm/io.h:619:
arch/powerpc/include/asm/io-defs.h:49:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
DEF_PCI_AC_NORET(outsb, (unsigned long p, const void *b, unsigned long c),
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
__do_##name al; \
^~~~~~~~~~~~~~
<scratch space>:21:1: note: expanded from here
__do_outsb
^
arch/powerpc/include/asm/io.h:559:58: note: expanded from macro '__do_outsb'
#define __do_outsb(p, b, n) writesb((PCI_IO_ADDR)_IO_BASE+(p),(b),(n))
~~~~~~~~~~~~~~~~~~~~~^
In file included from kernel/bpf/verifier.c:12:
In file included from include/linux/bpf_verifier.h:9:
In file included from include/linux/filter.h:13:
In file included from include/linux/skbuff.h:31:
In file included from include/linux/dma-mapping.h:10:
In file included from include/linux/scatterlist.h:9:
In file included from arch/powerpc/include/asm/io.h:619:
arch/powerpc/include/asm/io-defs.h:51:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
DEF_PCI_AC_NORET(outsw, (unsigned long p, const void *b, unsigned long c),
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
__do_##name al; \
^~~~~~~~~~~~~~
<scratch space>:23:1: note: expanded from here
__do_outsw
^
arch/powerpc/include/asm/io.h:560:58: note: expanded from macro '__do_outsw'
#define __do_outsw(p, b, n) writesw((PCI_IO_ADDR)_IO_BASE+(p),(b),(n))
~~~~~~~~~~~~~~~~~~~~~^
In file included from kernel/bpf/verifier.c:12:
In file included from include/linux/bpf_verifier.h:9:
In file included from include/linux/filter.h:13:
In file included from include/linux/skbuff.h:31:
In file included from include/linux/dma-mapping.h:10:
In file included from include/linux/scatterlist.h:9:
In file included from arch/powerpc/include/asm/io.h:619:
arch/powerpc/include/asm/io-defs.h:53:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
DEF_PCI_AC_NORET(outsl, (unsigned long p, const void *b, unsigned long c),
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
__do_##name al; \
^~~~~~~~~~~~~~
<scratch space>:25:1: note: expanded from here
__do_outsl
^
arch/powerpc/include/asm/io.h:561:58: note: expanded from macro '__do_outsl'
#define __do_outsl(p, b, n) writesl((PCI_IO_ADDR)_IO_BASE+(p),(b),(n))
~~~~~~~~~~~~~~~~~~~~~^
>> kernel/bpf/verifier.c:11541:12: warning: stack frame size of 2176 bytes in function 'do_misc_fixups' [-Wframe-larger-than=]
static int do_misc_fixups(struct bpf_verifier_env *env)
^
kernel/bpf/verifier.c:9848:12: warning: stack frame size of 5280 bytes in function 'do_check' [-Wframe-larger-than=]
static int do_check(struct bpf_verifier_env *env)
^
15 warnings generated.
vim +/do_misc_fixups +11541 kernel/bpf/verifier.c
11537
11538 /* Do various post-verification rewrites in a single program pass.
11539 * These rewrites simplify JIT and interpreter implementations.
11540 */
11541 static int do_misc_fixups(struct bpf_verifier_env *env)
11542 {
11543 struct bpf_prog *prog = env->prog;
11544 bool expect_blinding = bpf_jit_blinding_enabled(prog);
11545 struct bpf_insn *insn = prog->insnsi;
11546 const struct bpf_func_proto *fn;
11547 const int insn_cnt = prog->len;
11548 const struct bpf_map_ops *ops;
11549 struct bpf_insn_aux_data *aux;
11550 struct bpf_insn insn_buf[16];
11551 struct bpf_prog *new_prog;
11552 struct bpf_map *map_ptr;
11553 int i, ret, cnt, delta = 0;
11554
11555 for (i = 0; i < insn_cnt; i++, insn++) {
11556 /* Make divide-by-zero exceptions impossible. */
11557 if (insn->code == (BPF_ALU64 | BPF_MOD | BPF_X) ||
11558 insn->code == (BPF_ALU64 | BPF_DIV | BPF_X) ||
11559 insn->code == (BPF_ALU | BPF_MOD | BPF_X) ||
11560 insn->code == (BPF_ALU | BPF_DIV | BPF_X)) {
11561 bool is64 = BPF_CLASS(insn->code) == BPF_ALU64;
11562 bool isdiv = BPF_OP(insn->code) == BPF_DIV;
11563 struct bpf_insn *patchlet;
11564 struct bpf_insn chk_and_div[] = {
11565 /* [R,W]x div 0 -> 0 */
11566 BPF_RAW_INSN((is64 ? BPF_JMP : BPF_JMP32) |
11567 BPF_JNE | BPF_K, insn->src_reg,
11568 0, 2, 0),
11569 BPF_ALU32_REG(BPF_XOR, insn->dst_reg, insn->dst_reg),
11570 BPF_JMP_IMM(BPF_JA, 0, 0, 1),
11571 *insn,
11572 };
11573 struct bpf_insn chk_and_mod[] = {
11574 /* [R,W]x mod 0 -> [R,W]x */
11575 BPF_RAW_INSN((is64 ? BPF_JMP : BPF_JMP32) |
11576 BPF_JEQ | BPF_K, insn->src_reg,
11577 0, 1 + (is64 ? 0 : 1), 0),
11578 *insn,
11579 BPF_JMP_IMM(BPF_JA, 0, 0, 1),
11580 BPF_MOV32_REG(insn->dst_reg, insn->dst_reg),
11581 };
11582
11583 patchlet = isdiv ? chk_and_div : chk_and_mod;
11584 cnt = isdiv ? ARRAY_SIZE(chk_and_div) :
11585 ARRAY_SIZE(chk_and_mod) - (is64 ? 2 : 0);
11586
11587 new_prog = bpf_patch_insn_data(env, i + delta, patchlet, cnt);
11588 if (!new_prog)
11589 return -ENOMEM;
11590
11591 delta += cnt - 1;
11592 env->prog = prog = new_prog;
11593 insn = new_prog->insnsi + i + delta;
11594 continue;
11595 }
11596
11597 /* Implement LD_ABS and LD_IND with a rewrite, if supported by the program type. */
11598 if (BPF_CLASS(insn->code) == BPF_LD &&
11599 (BPF_MODE(insn->code) == BPF_ABS ||
11600 BPF_MODE(insn->code) == BPF_IND)) {
11601 cnt = env->ops->gen_ld_abs(insn, insn_buf);
11602 if (cnt == 0 || cnt >= ARRAY_SIZE(insn_buf)) {
11603 verbose(env, "bpf verifier is misconfigured\n");
11604 return -EINVAL;
11605 }
11606
11607 new_prog = bpf_patch_insn_data(env, i + delta, insn_buf, cnt);
11608 if (!new_prog)
11609 return -ENOMEM;
11610
11611 delta += cnt - 1;
11612 env->prog = prog = new_prog;
11613 insn = new_prog->insnsi + i + delta;
11614 continue;
11615 }
11616
11617 /* Rewrite pointer arithmetic to mitigate speculation attacks. */
11618 if (insn->code == (BPF_ALU64 | BPF_ADD | BPF_X) ||
11619 insn->code == (BPF_ALU64 | BPF_SUB | BPF_X)) {
11620 const u8 code_add = BPF_ALU64 | BPF_ADD | BPF_X;
11621 const u8 code_sub = BPF_ALU64 | BPF_SUB | BPF_X;
11622 struct bpf_insn insn_buf[16];
11623 struct bpf_insn *patch = &insn_buf[0];
11624 bool issrc, isneg;
11625 u32 off_reg;
11626
11627 aux = &env->insn_aux_data[i + delta];
11628 if (!aux->alu_state ||
11629 aux->alu_state == BPF_ALU_NON_POINTER)
11630 continue;
11631
11632 isneg = aux->alu_state & BPF_ALU_NEG_VALUE;
11633 issrc = (aux->alu_state & BPF_ALU_SANITIZE) ==
11634 BPF_ALU_SANITIZE_SRC;
11635
11636 off_reg = issrc ? insn->src_reg : insn->dst_reg;
11637 if (isneg)
11638 *patch++ = BPF_ALU64_IMM(BPF_MUL, off_reg, -1);
11639 *patch++ = BPF_MOV32_IMM(BPF_REG_AX, aux->alu_limit - 1);
11640 *patch++ = BPF_ALU64_REG(BPF_SUB, BPF_REG_AX, off_reg);
11641 *patch++ = BPF_ALU64_REG(BPF_OR, BPF_REG_AX, off_reg);
11642 *patch++ = BPF_ALU64_IMM(BPF_NEG, BPF_REG_AX, 0);
11643 *patch++ = BPF_ALU64_IMM(BPF_ARSH, BPF_REG_AX, 63);
11644 if (issrc) {
11645 *patch++ = BPF_ALU64_REG(BPF_AND, BPF_REG_AX,
11646 off_reg);
11647 insn->src_reg = BPF_REG_AX;
11648 } else {
11649 *patch++ = BPF_ALU64_REG(BPF_AND, off_reg,
11650 BPF_REG_AX);
11651 }
11652 if (isneg)
11653 insn->code = insn->code == code_add ?
11654 code_sub : code_add;
11655 *patch++ = *insn;
11656 if (issrc && isneg)
11657 *patch++ = BPF_ALU64_IMM(BPF_MUL, off_reg, -1);
11658 cnt = patch - insn_buf;
11659
11660 new_prog = bpf_patch_insn_data(env, i + delta, insn_buf, cnt);
11661 if (!new_prog)
11662 return -ENOMEM;
11663
11664 delta += cnt - 1;
11665 env->prog = prog = new_prog;
11666 insn = new_prog->insnsi + i + delta;
11667 continue;
11668 }
11669
11670 if (insn->code != (BPF_JMP | BPF_CALL))
11671 continue;
11672 if (insn->src_reg == BPF_PSEUDO_CALL)
11673 continue;
11674
11675 if (insn->imm == BPF_FUNC_get_route_realm)
11676 prog->dst_needed = 1;
11677 if (insn->imm == BPF_FUNC_get_prandom_u32)
11678 bpf_user_rnd_init_once();
11679 if (insn->imm == BPF_FUNC_override_return)
11680 prog->kprobe_override = 1;
11681 if (insn->imm == BPF_FUNC_tail_call) {
11682 /* If we tail call into other programs, we
11683 * cannot make any assumptions since they can
11684 * be replaced dynamically during runtime in
11685 * the program array.
11686 */
11687 prog->cb_access = 1;
11688 if (!allow_tail_call_in_subprogs(env))
11689 prog->aux->stack_depth = MAX_BPF_STACK;
11690 prog->aux->max_pkt_offset = MAX_PACKET_OFF;
11691
11692 /* mark bpf_tail_call as different opcode to avoid
11693 * conditional branch in the interpeter for every normal
11694 * call and to prevent accidental JITing by JIT compiler
11695 * that doesn't support bpf_tail_call yet
11696 */
11697 insn->imm = 0;
11698 insn->code = BPF_JMP | BPF_TAIL_CALL;
11699
11700 aux = &env->insn_aux_data[i + delta];
11701 if (env->bpf_capable && !expect_blinding &&
11702 prog->jit_requested &&
11703 !bpf_map_key_poisoned(aux) &&
11704 !bpf_map_ptr_poisoned(aux) &&
11705 !bpf_map_ptr_unpriv(aux)) {
11706 struct bpf_jit_poke_descriptor desc = {
11707 .reason = BPF_POKE_REASON_TAIL_CALL,
11708 .tail_call.map = BPF_MAP_PTR(aux->map_ptr_state),
11709 .tail_call.key = bpf_map_key_immediate(aux),
11710 .insn_idx = i + delta,
11711 };
11712
11713 ret = bpf_jit_add_poke_descriptor(prog, &desc);
11714 if (ret < 0) {
11715 verbose(env, "adding tail call poke descriptor failed\n");
11716 return ret;
11717 }
11718
11719 insn->imm = ret + 1;
11720 continue;
11721 }
11722
11723 if (!bpf_map_ptr_unpriv(aux))
11724 continue;
11725
11726 /* instead of changing every JIT dealing with tail_call
11727 * emit two extra insns:
11728 * if (index >= max_entries) goto out;
11729 * index &= array->index_mask;
11730 * to avoid out-of-bounds cpu speculation
11731 */
11732 if (bpf_map_ptr_poisoned(aux)) {
11733 verbose(env, "tail_call abusing map_ptr\n");
11734 return -EINVAL;
11735 }
11736
11737 map_ptr = BPF_MAP_PTR(aux->map_ptr_state);
11738 insn_buf[0] = BPF_JMP_IMM(BPF_JGE, BPF_REG_3,
11739 map_ptr->max_entries, 2);
11740 insn_buf[1] = BPF_ALU32_IMM(BPF_AND, BPF_REG_3,
11741 container_of(map_ptr,
11742 struct bpf_array,
11743 map)->index_mask);
11744 insn_buf[2] = *insn;
11745 cnt = 3;
11746 new_prog = bpf_patch_insn_data(env, i + delta, insn_buf, cnt);
11747 if (!new_prog)
11748 return -ENOMEM;
11749
11750 delta += cnt - 1;
11751 env->prog = prog = new_prog;
11752 insn = new_prog->insnsi + i + delta;
11753 continue;
11754 }
11755
11756 /* BPF_EMIT_CALL() assumptions in some of the map_gen_lookup
11757 * and other inlining handlers are currently limited to 64 bit
11758 * only.
11759 */
11760 if (prog->jit_requested && BITS_PER_LONG == 64 &&
11761 (insn->imm == BPF_FUNC_map_lookup_elem ||
11762 insn->imm == BPF_FUNC_map_update_elem ||
11763 insn->imm == BPF_FUNC_map_delete_elem ||
11764 insn->imm == BPF_FUNC_map_push_elem ||
11765 insn->imm == BPF_FUNC_map_pop_elem ||
11766 insn->imm == BPF_FUNC_map_peek_elem)) {
11767 aux = &env->insn_aux_data[i + delta];
11768 if (bpf_map_ptr_poisoned(aux))
11769 goto patch_call_imm;
11770
11771 map_ptr = BPF_MAP_PTR(aux->map_ptr_state);
11772 ops = map_ptr->ops;
11773 if (insn->imm == BPF_FUNC_map_lookup_elem &&
11774 ops->map_gen_lookup) {
11775 cnt = ops->map_gen_lookup(map_ptr, insn_buf);
11776 if (cnt == -EOPNOTSUPP)
11777 goto patch_map_ops_generic;
11778 if (cnt <= 0 || cnt >= ARRAY_SIZE(insn_buf)) {
11779 verbose(env, "bpf verifier is misconfigured\n");
11780 return -EINVAL;
11781 }
11782
11783 new_prog = bpf_patch_insn_data(env, i + delta,
11784 insn_buf, cnt);
11785 if (!new_prog)
11786 return -ENOMEM;
11787
11788 delta += cnt - 1;
11789 env->prog = prog = new_prog;
11790 insn = new_prog->insnsi + i + delta;
11791 continue;
11792 }
11793
11794 BUILD_BUG_ON(!__same_type(ops->map_lookup_elem,
11795 (void *(*)(struct bpf_map *map, void *key))NULL));
11796 BUILD_BUG_ON(!__same_type(ops->map_delete_elem,
11797 (int (*)(struct bpf_map *map, void *key))NULL));
11798 BUILD_BUG_ON(!__same_type(ops->map_update_elem,
11799 (int (*)(struct bpf_map *map, void *key, void *value,
11800 u64 flags))NULL));
11801 BUILD_BUG_ON(!__same_type(ops->map_push_elem,
11802 (int (*)(struct bpf_map *map, void *value,
11803 u64 flags))NULL));
11804 BUILD_BUG_ON(!__same_type(ops->map_pop_elem,
11805 (int (*)(struct bpf_map *map, void *value))NULL));
11806 BUILD_BUG_ON(!__same_type(ops->map_peek_elem,
11807 (int (*)(struct bpf_map *map, void *value))NULL));
11808 patch_map_ops_generic:
11809 switch (insn->imm) {
11810 case BPF_FUNC_map_lookup_elem:
11811 insn->imm = BPF_CAST_CALL(ops->map_lookup_elem) -
11812 __bpf_call_base;
11813 continue;
11814 case BPF_FUNC_map_update_elem:
11815 insn->imm = BPF_CAST_CALL(ops->map_update_elem) -
11816 __bpf_call_base;
11817 continue;
11818 case BPF_FUNC_map_delete_elem:
11819 insn->imm = BPF_CAST_CALL(ops->map_delete_elem) -
11820 __bpf_call_base;
11821 continue;
11822 case BPF_FUNC_map_push_elem:
11823 insn->imm = BPF_CAST_CALL(ops->map_push_elem) -
11824 __bpf_call_base;
11825 continue;
11826 case BPF_FUNC_map_pop_elem:
11827 insn->imm = BPF_CAST_CALL(ops->map_pop_elem) -
11828 __bpf_call_base;
11829 continue;
11830 case BPF_FUNC_map_peek_elem:
11831 insn->imm = BPF_CAST_CALL(ops->map_peek_elem) -
11832 __bpf_call_base;
11833 continue;
11834 }
11835
11836 goto patch_call_imm;
11837 }
11838
11839 /* Implement bpf_jiffies64 inline. */
11840 if (prog->jit_requested && BITS_PER_LONG == 64 &&
11841 insn->imm == BPF_FUNC_jiffies64) {
11842 struct bpf_insn ld_jiffies_addr[2] = {
11843 BPF_LD_IMM64(BPF_REG_0,
11844 (unsigned long)&jiffies),
11845 };
11846
11847 insn_buf[0] = ld_jiffies_addr[0];
11848 insn_buf[1] = ld_jiffies_addr[1];
11849 insn_buf[2] = BPF_LDX_MEM(BPF_DW, BPF_REG_0,
11850 BPF_REG_0, 0);
11851 cnt = 3;
11852
11853 new_prog = bpf_patch_insn_data(env, i + delta, insn_buf,
11854 cnt);
11855 if (!new_prog)
11856 return -ENOMEM;
11857
11858 delta += cnt - 1;
11859 env->prog = prog = new_prog;
11860 insn = new_prog->insnsi + i + delta;
11861 continue;
11862 }
11863
11864 patch_call_imm:
11865 fn = env->ops->get_func_proto(insn->imm, env->prog);
11866 /* all functions that have prototype and verifier allowed
11867 * programs to call them, must be real in-kernel functions
11868 */
11869 if (!fn->func) {
11870 verbose(env,
11871 "kernel subsystem misconfigured func %s#%d\n",
11872 func_id_name(insn->imm), insn->imm);
11873 return -EFAULT;
11874 }
11875 insn->imm = fn->func - __bpf_call_base;
11876 }
11877
11878 /* Since poke tab is now finalized, publish aux to tracker. */
11879 for (i = 0; i < prog->aux->size_poke_tab; i++) {
11880 map_ptr = prog->aux->poke_tab[i].tail_call.map;
11881 if (!map_ptr->ops->map_poke_track ||
11882 !map_ptr->ops->map_poke_untrack ||
11883 !map_ptr->ops->map_poke_run) {
11884 verbose(env, "bpf verifier is misconfigured\n");
11885 return -EINVAL;
11886 }
11887
11888 ret = map_ptr->ops->map_poke_track(map_ptr, prog->aux);
11889 if (ret < 0) {
11890 verbose(env, "tracking tail call prog failed\n");
11891 return ret;
11892 }
11893 }
11894
11895 return 0;
11896 }
11897
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Download attachment ".config.gz" of type "application/gzip" (27018 bytes)
Powered by blists - more mailing lists