lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202105291338.InwTq6PU-lkp@intel.com>
Date:   Sat, 29 May 2021 13:36:40 +0800
From:   kernel test robot <lkp@...el.com>
To:     Brendan Jackman <jackmanb@...gle.com>
Cc:     kbuild-all@...ts.01.org, clang-built-linux@...glegroups.com,
        linux-kernel@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>
Subject: kernel/bpf/verifier.c:11541:12: warning: stack frame size of 2176
 bytes in function 'do_misc_fixups'

Hi Brendan,

FYI, the error/warning still remains.

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   6799d4f2da496cab9b3fd26283a8ce3639b1a88d
commit: e6ac593372aadacc14e02b198e4a1acfef1db595 bpf: Rename fixup_bpf_calls and add some comments
date:   3 months ago
config: powerpc64-randconfig-r036-20210529 (attached as .config)
compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project bc6799f2f79f0ae87e9f1ebf9d25ba799fbd25a9)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # install powerpc64 cross compiling tool for clang build
        # apt-get install binutils-powerpc64-linux-gnu
        # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6ac593372aadacc14e02b198e4a1acfef1db595
        git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
        git fetch --no-tags linus master
        git checkout e6ac593372aadacc14e02b198e4a1acfef1db595
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=powerpc64 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>

All warnings (new ones prefixed by >>):

   __do_insb
   ^
   arch/powerpc/include/asm/io.h:556:56: note: expanded from macro '__do_insb'
   #define __do_insb(p, b, n)      readsb((PCI_IO_ADDR)_IO_BASE+(p), (b), (n))
                                          ~~~~~~~~~~~~~~~~~~~~~^
   In file included from kernel/bpf/verifier.c:12:
   In file included from include/linux/bpf_verifier.h:9:
   In file included from include/linux/filter.h:13:
   In file included from include/linux/skbuff.h:31:
   In file included from include/linux/dma-mapping.h:10:
   In file included from include/linux/scatterlist.h:9:
   In file included from arch/powerpc/include/asm/io.h:619:
   arch/powerpc/include/asm/io-defs.h:45:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
   DEF_PCI_AC_NORET(insw, (unsigned long p, void *b, unsigned long c),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
                   __do_##name al;                                 \
                   ^~~~~~~~~~~~~~
   <scratch space>:17:1: note: expanded from here
   __do_insw
   ^
   arch/powerpc/include/asm/io.h:557:56: note: expanded from macro '__do_insw'
   #define __do_insw(p, b, n)      readsw((PCI_IO_ADDR)_IO_BASE+(p), (b), (n))
                                          ~~~~~~~~~~~~~~~~~~~~~^
   In file included from kernel/bpf/verifier.c:12:
   In file included from include/linux/bpf_verifier.h:9:
   In file included from include/linux/filter.h:13:
   In file included from include/linux/skbuff.h:31:
   In file included from include/linux/dma-mapping.h:10:
   In file included from include/linux/scatterlist.h:9:
   In file included from arch/powerpc/include/asm/io.h:619:
   arch/powerpc/include/asm/io-defs.h:47:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
   DEF_PCI_AC_NORET(insl, (unsigned long p, void *b, unsigned long c),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
                   __do_##name al;                                 \
                   ^~~~~~~~~~~~~~
   <scratch space>:19:1: note: expanded from here
   __do_insl
   ^
   arch/powerpc/include/asm/io.h:558:56: note: expanded from macro '__do_insl'
   #define __do_insl(p, b, n)      readsl((PCI_IO_ADDR)_IO_BASE+(p), (b), (n))
                                          ~~~~~~~~~~~~~~~~~~~~~^
   In file included from kernel/bpf/verifier.c:12:
   In file included from include/linux/bpf_verifier.h:9:
   In file included from include/linux/filter.h:13:
   In file included from include/linux/skbuff.h:31:
   In file included from include/linux/dma-mapping.h:10:
   In file included from include/linux/scatterlist.h:9:
   In file included from arch/powerpc/include/asm/io.h:619:
   arch/powerpc/include/asm/io-defs.h:49:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
   DEF_PCI_AC_NORET(outsb, (unsigned long p, const void *b, unsigned long c),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
                   __do_##name al;                                 \
                   ^~~~~~~~~~~~~~
   <scratch space>:21:1: note: expanded from here
   __do_outsb
   ^
   arch/powerpc/include/asm/io.h:559:58: note: expanded from macro '__do_outsb'
   #define __do_outsb(p, b, n)     writesb((PCI_IO_ADDR)_IO_BASE+(p),(b),(n))
                                           ~~~~~~~~~~~~~~~~~~~~~^
   In file included from kernel/bpf/verifier.c:12:
   In file included from include/linux/bpf_verifier.h:9:
   In file included from include/linux/filter.h:13:
   In file included from include/linux/skbuff.h:31:
   In file included from include/linux/dma-mapping.h:10:
   In file included from include/linux/scatterlist.h:9:
   In file included from arch/powerpc/include/asm/io.h:619:
   arch/powerpc/include/asm/io-defs.h:51:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
   DEF_PCI_AC_NORET(outsw, (unsigned long p, const void *b, unsigned long c),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
                   __do_##name al;                                 \
                   ^~~~~~~~~~~~~~
   <scratch space>:23:1: note: expanded from here
   __do_outsw
   ^
   arch/powerpc/include/asm/io.h:560:58: note: expanded from macro '__do_outsw'
   #define __do_outsw(p, b, n)     writesw((PCI_IO_ADDR)_IO_BASE+(p),(b),(n))
                                           ~~~~~~~~~~~~~~~~~~~~~^
   In file included from kernel/bpf/verifier.c:12:
   In file included from include/linux/bpf_verifier.h:9:
   In file included from include/linux/filter.h:13:
   In file included from include/linux/skbuff.h:31:
   In file included from include/linux/dma-mapping.h:10:
   In file included from include/linux/scatterlist.h:9:
   In file included from arch/powerpc/include/asm/io.h:619:
   arch/powerpc/include/asm/io-defs.h:53:1: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic]
   DEF_PCI_AC_NORET(outsl, (unsigned long p, const void *b, unsigned long c),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   arch/powerpc/include/asm/io.h:616:3: note: expanded from macro 'DEF_PCI_AC_NORET'
                   __do_##name al;                                 \
                   ^~~~~~~~~~~~~~
   <scratch space>:25:1: note: expanded from here
   __do_outsl
   ^
   arch/powerpc/include/asm/io.h:561:58: note: expanded from macro '__do_outsl'
   #define __do_outsl(p, b, n)     writesl((PCI_IO_ADDR)_IO_BASE+(p),(b),(n))
                                           ~~~~~~~~~~~~~~~~~~~~~^
>> kernel/bpf/verifier.c:11541:12: warning: stack frame size of 2176 bytes in function 'do_misc_fixups' [-Wframe-larger-than=]
   static int do_misc_fixups(struct bpf_verifier_env *env)
              ^
   kernel/bpf/verifier.c:9848:12: warning: stack frame size of 5280 bytes in function 'do_check' [-Wframe-larger-than=]
   static int do_check(struct bpf_verifier_env *env)
              ^
   15 warnings generated.


vim +/do_misc_fixups +11541 kernel/bpf/verifier.c

 11537	
 11538	/* Do various post-verification rewrites in a single program pass.
 11539	 * These rewrites simplify JIT and interpreter implementations.
 11540	 */
 11541	static int do_misc_fixups(struct bpf_verifier_env *env)
 11542	{
 11543		struct bpf_prog *prog = env->prog;
 11544		bool expect_blinding = bpf_jit_blinding_enabled(prog);
 11545		struct bpf_insn *insn = prog->insnsi;
 11546		const struct bpf_func_proto *fn;
 11547		const int insn_cnt = prog->len;
 11548		const struct bpf_map_ops *ops;
 11549		struct bpf_insn_aux_data *aux;
 11550		struct bpf_insn insn_buf[16];
 11551		struct bpf_prog *new_prog;
 11552		struct bpf_map *map_ptr;
 11553		int i, ret, cnt, delta = 0;
 11554	
 11555		for (i = 0; i < insn_cnt; i++, insn++) {
 11556			/* Make divide-by-zero exceptions impossible. */
 11557			if (insn->code == (BPF_ALU64 | BPF_MOD | BPF_X) ||
 11558			    insn->code == (BPF_ALU64 | BPF_DIV | BPF_X) ||
 11559			    insn->code == (BPF_ALU | BPF_MOD | BPF_X) ||
 11560			    insn->code == (BPF_ALU | BPF_DIV | BPF_X)) {
 11561				bool is64 = BPF_CLASS(insn->code) == BPF_ALU64;
 11562				bool isdiv = BPF_OP(insn->code) == BPF_DIV;
 11563				struct bpf_insn *patchlet;
 11564				struct bpf_insn chk_and_div[] = {
 11565					/* [R,W]x div 0 -> 0 */
 11566					BPF_RAW_INSN((is64 ? BPF_JMP : BPF_JMP32) |
 11567						     BPF_JNE | BPF_K, insn->src_reg,
 11568						     0, 2, 0),
 11569					BPF_ALU32_REG(BPF_XOR, insn->dst_reg, insn->dst_reg),
 11570					BPF_JMP_IMM(BPF_JA, 0, 0, 1),
 11571					*insn,
 11572				};
 11573				struct bpf_insn chk_and_mod[] = {
 11574					/* [R,W]x mod 0 -> [R,W]x */
 11575					BPF_RAW_INSN((is64 ? BPF_JMP : BPF_JMP32) |
 11576						     BPF_JEQ | BPF_K, insn->src_reg,
 11577						     0, 1 + (is64 ? 0 : 1), 0),
 11578					*insn,
 11579					BPF_JMP_IMM(BPF_JA, 0, 0, 1),
 11580					BPF_MOV32_REG(insn->dst_reg, insn->dst_reg),
 11581				};
 11582	
 11583				patchlet = isdiv ? chk_and_div : chk_and_mod;
 11584				cnt = isdiv ? ARRAY_SIZE(chk_and_div) :
 11585					      ARRAY_SIZE(chk_and_mod) - (is64 ? 2 : 0);
 11586	
 11587				new_prog = bpf_patch_insn_data(env, i + delta, patchlet, cnt);
 11588				if (!new_prog)
 11589					return -ENOMEM;
 11590	
 11591				delta    += cnt - 1;
 11592				env->prog = prog = new_prog;
 11593				insn      = new_prog->insnsi + i + delta;
 11594				continue;
 11595			}
 11596	
 11597			/* Implement LD_ABS and LD_IND with a rewrite, if supported by the program type. */
 11598			if (BPF_CLASS(insn->code) == BPF_LD &&
 11599			    (BPF_MODE(insn->code) == BPF_ABS ||
 11600			     BPF_MODE(insn->code) == BPF_IND)) {
 11601				cnt = env->ops->gen_ld_abs(insn, insn_buf);
 11602				if (cnt == 0 || cnt >= ARRAY_SIZE(insn_buf)) {
 11603					verbose(env, "bpf verifier is misconfigured\n");
 11604					return -EINVAL;
 11605				}
 11606	
 11607				new_prog = bpf_patch_insn_data(env, i + delta, insn_buf, cnt);
 11608				if (!new_prog)
 11609					return -ENOMEM;
 11610	
 11611				delta    += cnt - 1;
 11612				env->prog = prog = new_prog;
 11613				insn      = new_prog->insnsi + i + delta;
 11614				continue;
 11615			}
 11616	
 11617			/* Rewrite pointer arithmetic to mitigate speculation attacks. */
 11618			if (insn->code == (BPF_ALU64 | BPF_ADD | BPF_X) ||
 11619			    insn->code == (BPF_ALU64 | BPF_SUB | BPF_X)) {
 11620				const u8 code_add = BPF_ALU64 | BPF_ADD | BPF_X;
 11621				const u8 code_sub = BPF_ALU64 | BPF_SUB | BPF_X;
 11622				struct bpf_insn insn_buf[16];
 11623				struct bpf_insn *patch = &insn_buf[0];
 11624				bool issrc, isneg;
 11625				u32 off_reg;
 11626	
 11627				aux = &env->insn_aux_data[i + delta];
 11628				if (!aux->alu_state ||
 11629				    aux->alu_state == BPF_ALU_NON_POINTER)
 11630					continue;
 11631	
 11632				isneg = aux->alu_state & BPF_ALU_NEG_VALUE;
 11633				issrc = (aux->alu_state & BPF_ALU_SANITIZE) ==
 11634					BPF_ALU_SANITIZE_SRC;
 11635	
 11636				off_reg = issrc ? insn->src_reg : insn->dst_reg;
 11637				if (isneg)
 11638					*patch++ = BPF_ALU64_IMM(BPF_MUL, off_reg, -1);
 11639				*patch++ = BPF_MOV32_IMM(BPF_REG_AX, aux->alu_limit - 1);
 11640				*patch++ = BPF_ALU64_REG(BPF_SUB, BPF_REG_AX, off_reg);
 11641				*patch++ = BPF_ALU64_REG(BPF_OR, BPF_REG_AX, off_reg);
 11642				*patch++ = BPF_ALU64_IMM(BPF_NEG, BPF_REG_AX, 0);
 11643				*patch++ = BPF_ALU64_IMM(BPF_ARSH, BPF_REG_AX, 63);
 11644				if (issrc) {
 11645					*patch++ = BPF_ALU64_REG(BPF_AND, BPF_REG_AX,
 11646								 off_reg);
 11647					insn->src_reg = BPF_REG_AX;
 11648				} else {
 11649					*patch++ = BPF_ALU64_REG(BPF_AND, off_reg,
 11650								 BPF_REG_AX);
 11651				}
 11652				if (isneg)
 11653					insn->code = insn->code == code_add ?
 11654						     code_sub : code_add;
 11655				*patch++ = *insn;
 11656				if (issrc && isneg)
 11657					*patch++ = BPF_ALU64_IMM(BPF_MUL, off_reg, -1);
 11658				cnt = patch - insn_buf;
 11659	
 11660				new_prog = bpf_patch_insn_data(env, i + delta, insn_buf, cnt);
 11661				if (!new_prog)
 11662					return -ENOMEM;
 11663	
 11664				delta    += cnt - 1;
 11665				env->prog = prog = new_prog;
 11666				insn      = new_prog->insnsi + i + delta;
 11667				continue;
 11668			}
 11669	
 11670			if (insn->code != (BPF_JMP | BPF_CALL))
 11671				continue;
 11672			if (insn->src_reg == BPF_PSEUDO_CALL)
 11673				continue;
 11674	
 11675			if (insn->imm == BPF_FUNC_get_route_realm)
 11676				prog->dst_needed = 1;
 11677			if (insn->imm == BPF_FUNC_get_prandom_u32)
 11678				bpf_user_rnd_init_once();
 11679			if (insn->imm == BPF_FUNC_override_return)
 11680				prog->kprobe_override = 1;
 11681			if (insn->imm == BPF_FUNC_tail_call) {
 11682				/* If we tail call into other programs, we
 11683				 * cannot make any assumptions since they can
 11684				 * be replaced dynamically during runtime in
 11685				 * the program array.
 11686				 */
 11687				prog->cb_access = 1;
 11688				if (!allow_tail_call_in_subprogs(env))
 11689					prog->aux->stack_depth = MAX_BPF_STACK;
 11690				prog->aux->max_pkt_offset = MAX_PACKET_OFF;
 11691	
 11692				/* mark bpf_tail_call as different opcode to avoid
 11693				 * conditional branch in the interpeter for every normal
 11694				 * call and to prevent accidental JITing by JIT compiler
 11695				 * that doesn't support bpf_tail_call yet
 11696				 */
 11697				insn->imm = 0;
 11698				insn->code = BPF_JMP | BPF_TAIL_CALL;
 11699	
 11700				aux = &env->insn_aux_data[i + delta];
 11701				if (env->bpf_capable && !expect_blinding &&
 11702				    prog->jit_requested &&
 11703				    !bpf_map_key_poisoned(aux) &&
 11704				    !bpf_map_ptr_poisoned(aux) &&
 11705				    !bpf_map_ptr_unpriv(aux)) {
 11706					struct bpf_jit_poke_descriptor desc = {
 11707						.reason = BPF_POKE_REASON_TAIL_CALL,
 11708						.tail_call.map = BPF_MAP_PTR(aux->map_ptr_state),
 11709						.tail_call.key = bpf_map_key_immediate(aux),
 11710						.insn_idx = i + delta,
 11711					};
 11712	
 11713					ret = bpf_jit_add_poke_descriptor(prog, &desc);
 11714					if (ret < 0) {
 11715						verbose(env, "adding tail call poke descriptor failed\n");
 11716						return ret;
 11717					}
 11718	
 11719					insn->imm = ret + 1;
 11720					continue;
 11721				}
 11722	
 11723				if (!bpf_map_ptr_unpriv(aux))
 11724					continue;
 11725	
 11726				/* instead of changing every JIT dealing with tail_call
 11727				 * emit two extra insns:
 11728				 * if (index >= max_entries) goto out;
 11729				 * index &= array->index_mask;
 11730				 * to avoid out-of-bounds cpu speculation
 11731				 */
 11732				if (bpf_map_ptr_poisoned(aux)) {
 11733					verbose(env, "tail_call abusing map_ptr\n");
 11734					return -EINVAL;
 11735				}
 11736	
 11737				map_ptr = BPF_MAP_PTR(aux->map_ptr_state);
 11738				insn_buf[0] = BPF_JMP_IMM(BPF_JGE, BPF_REG_3,
 11739							  map_ptr->max_entries, 2);
 11740				insn_buf[1] = BPF_ALU32_IMM(BPF_AND, BPF_REG_3,
 11741							    container_of(map_ptr,
 11742									 struct bpf_array,
 11743									 map)->index_mask);
 11744				insn_buf[2] = *insn;
 11745				cnt = 3;
 11746				new_prog = bpf_patch_insn_data(env, i + delta, insn_buf, cnt);
 11747				if (!new_prog)
 11748					return -ENOMEM;
 11749	
 11750				delta    += cnt - 1;
 11751				env->prog = prog = new_prog;
 11752				insn      = new_prog->insnsi + i + delta;
 11753				continue;
 11754			}
 11755	
 11756			/* BPF_EMIT_CALL() assumptions in some of the map_gen_lookup
 11757			 * and other inlining handlers are currently limited to 64 bit
 11758			 * only.
 11759			 */
 11760			if (prog->jit_requested && BITS_PER_LONG == 64 &&
 11761			    (insn->imm == BPF_FUNC_map_lookup_elem ||
 11762			     insn->imm == BPF_FUNC_map_update_elem ||
 11763			     insn->imm == BPF_FUNC_map_delete_elem ||
 11764			     insn->imm == BPF_FUNC_map_push_elem   ||
 11765			     insn->imm == BPF_FUNC_map_pop_elem    ||
 11766			     insn->imm == BPF_FUNC_map_peek_elem)) {
 11767				aux = &env->insn_aux_data[i + delta];
 11768				if (bpf_map_ptr_poisoned(aux))
 11769					goto patch_call_imm;
 11770	
 11771				map_ptr = BPF_MAP_PTR(aux->map_ptr_state);
 11772				ops = map_ptr->ops;
 11773				if (insn->imm == BPF_FUNC_map_lookup_elem &&
 11774				    ops->map_gen_lookup) {
 11775					cnt = ops->map_gen_lookup(map_ptr, insn_buf);
 11776					if (cnt == -EOPNOTSUPP)
 11777						goto patch_map_ops_generic;
 11778					if (cnt <= 0 || cnt >= ARRAY_SIZE(insn_buf)) {
 11779						verbose(env, "bpf verifier is misconfigured\n");
 11780						return -EINVAL;
 11781					}
 11782	
 11783					new_prog = bpf_patch_insn_data(env, i + delta,
 11784								       insn_buf, cnt);
 11785					if (!new_prog)
 11786						return -ENOMEM;
 11787	
 11788					delta    += cnt - 1;
 11789					env->prog = prog = new_prog;
 11790					insn      = new_prog->insnsi + i + delta;
 11791					continue;
 11792				}
 11793	
 11794				BUILD_BUG_ON(!__same_type(ops->map_lookup_elem,
 11795					     (void *(*)(struct bpf_map *map, void *key))NULL));
 11796				BUILD_BUG_ON(!__same_type(ops->map_delete_elem,
 11797					     (int (*)(struct bpf_map *map, void *key))NULL));
 11798				BUILD_BUG_ON(!__same_type(ops->map_update_elem,
 11799					     (int (*)(struct bpf_map *map, void *key, void *value,
 11800						      u64 flags))NULL));
 11801				BUILD_BUG_ON(!__same_type(ops->map_push_elem,
 11802					     (int (*)(struct bpf_map *map, void *value,
 11803						      u64 flags))NULL));
 11804				BUILD_BUG_ON(!__same_type(ops->map_pop_elem,
 11805					     (int (*)(struct bpf_map *map, void *value))NULL));
 11806				BUILD_BUG_ON(!__same_type(ops->map_peek_elem,
 11807					     (int (*)(struct bpf_map *map, void *value))NULL));
 11808	patch_map_ops_generic:
 11809				switch (insn->imm) {
 11810				case BPF_FUNC_map_lookup_elem:
 11811					insn->imm = BPF_CAST_CALL(ops->map_lookup_elem) -
 11812						    __bpf_call_base;
 11813					continue;
 11814				case BPF_FUNC_map_update_elem:
 11815					insn->imm = BPF_CAST_CALL(ops->map_update_elem) -
 11816						    __bpf_call_base;
 11817					continue;
 11818				case BPF_FUNC_map_delete_elem:
 11819					insn->imm = BPF_CAST_CALL(ops->map_delete_elem) -
 11820						    __bpf_call_base;
 11821					continue;
 11822				case BPF_FUNC_map_push_elem:
 11823					insn->imm = BPF_CAST_CALL(ops->map_push_elem) -
 11824						    __bpf_call_base;
 11825					continue;
 11826				case BPF_FUNC_map_pop_elem:
 11827					insn->imm = BPF_CAST_CALL(ops->map_pop_elem) -
 11828						    __bpf_call_base;
 11829					continue;
 11830				case BPF_FUNC_map_peek_elem:
 11831					insn->imm = BPF_CAST_CALL(ops->map_peek_elem) -
 11832						    __bpf_call_base;
 11833					continue;
 11834				}
 11835	
 11836				goto patch_call_imm;
 11837			}
 11838	
 11839			/* Implement bpf_jiffies64 inline. */
 11840			if (prog->jit_requested && BITS_PER_LONG == 64 &&
 11841			    insn->imm == BPF_FUNC_jiffies64) {
 11842				struct bpf_insn ld_jiffies_addr[2] = {
 11843					BPF_LD_IMM64(BPF_REG_0,
 11844						     (unsigned long)&jiffies),
 11845				};
 11846	
 11847				insn_buf[0] = ld_jiffies_addr[0];
 11848				insn_buf[1] = ld_jiffies_addr[1];
 11849				insn_buf[2] = BPF_LDX_MEM(BPF_DW, BPF_REG_0,
 11850							  BPF_REG_0, 0);
 11851				cnt = 3;
 11852	
 11853				new_prog = bpf_patch_insn_data(env, i + delta, insn_buf,
 11854							       cnt);
 11855				if (!new_prog)
 11856					return -ENOMEM;
 11857	
 11858				delta    += cnt - 1;
 11859				env->prog = prog = new_prog;
 11860				insn      = new_prog->insnsi + i + delta;
 11861				continue;
 11862			}
 11863	
 11864	patch_call_imm:
 11865			fn = env->ops->get_func_proto(insn->imm, env->prog);
 11866			/* all functions that have prototype and verifier allowed
 11867			 * programs to call them, must be real in-kernel functions
 11868			 */
 11869			if (!fn->func) {
 11870				verbose(env,
 11871					"kernel subsystem misconfigured func %s#%d\n",
 11872					func_id_name(insn->imm), insn->imm);
 11873				return -EFAULT;
 11874			}
 11875			insn->imm = fn->func - __bpf_call_base;
 11876		}
 11877	
 11878		/* Since poke tab is now finalized, publish aux to tracker. */
 11879		for (i = 0; i < prog->aux->size_poke_tab; i++) {
 11880			map_ptr = prog->aux->poke_tab[i].tail_call.map;
 11881			if (!map_ptr->ops->map_poke_track ||
 11882			    !map_ptr->ops->map_poke_untrack ||
 11883			    !map_ptr->ops->map_poke_run) {
 11884				verbose(env, "bpf verifier is misconfigured\n");
 11885				return -EINVAL;
 11886			}
 11887	
 11888			ret = map_ptr->ops->map_poke_track(map_ptr, prog->aux);
 11889			if (ret < 0) {
 11890				verbose(env, "tracking tail call prog failed\n");
 11891				return ret;
 11892			}
 11893		}
 11894	
 11895		return 0;
 11896	}
 11897	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Download attachment ".config.gz" of type "application/gzip" (27018 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ