lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20251001142127.37559-1-suchitkarunakaran@gmail.com>
Date: Wed,  1 Oct 2025 19:51:26 +0530
From: Suchit Karunakaran <suchitkarunakaran@...il.com>
To: ast@...nel.org,
	daniel@...earbox.net,
	john.fastabend@...il.com,
	andrii@...nel.org,
	martin.lau@...ux.dev,
	eddyz87@...il.com,
	song@...nel.org,
	yonghong.song@...ux.dev,
	kpsingh@...nel.org,
	sdf@...ichev.me,
	haoluo@...gle.com,
	jolsa@...nel.org,
	bpf@...r.kernel.org
Cc: skhan@...uxfoundation.org,
	linux-kernel@...r.kernel.org
Subject: verifier: should we handle mark_chain_precision return value properly in loop_flag_is_zero?

Hi folks,
While going through the verifier code, I noticed that the integer return value of mark_chain_precision() is ignored within loop_flag_is_zero().

static bool loop_flag_is_zero(struct bpf_verifier_env *env)
{
    struct bpf_reg_state *regs = cur_regs(env);
    struct bpf_reg_state *reg = &regs[BPF_REG_4];
    bool reg_is_null = register_is_null(reg);

    if (reg_is_null)
        mark_chain_precision(env, BPF_REG_4);

    return reg_is_null;
}

My question is:
Is this behavior intentional (i.e., errors from mark_chain_precision() are safe to ignore here)?
Or should loop_flag_is_zero() propagate the error to update_loop_inline_state() and from there to check_helper_call() function?
I’d appreciate any clarification or suggestions. Apologies if this kind of question isn’t appropriate for the mailing list, I wanted to clarify the intended semantics before attempting a fix.

Thanks,
Suchit Karunakaran

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ