
Commit 4816c0f

committed
fix
1 parent b1701a6 commit 4816c0f


1 file changed

+20
-17
lines changed


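--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -11008,6 +11008,10 @@ static int prepare_func_exit(struct bpf_verifier_env *env, int *insn_idx)
 bool in_callback_fn;
 int err;
 
+err = bpf_update_live_stack(env);
+if (err)
+return err;
+
 callee = state->frame[state->curframe];
 r0 = &callee->regs[BPF_REG_0];
 if (r0->type == PTR_TO_STACK) {
@@ -11404,8 +11408,7 @@ static inline bool in_sleepable_context(struct bpf_verifier_env *env)
 
 static int check_helper_call(struct bpf_verifier_env *env,
 struct bpf_insn *insn,
-int *insn_idx_p,
-bool *do_print_state)
+int *insn_idx_p)
 {
 enum bpf_prog_type prog_type = resolve_prog_type(env->prog);
 bool returns_cpu_specific_alloc_ptr = false;
@@ -11917,18 +11920,21 @@ static int check_helper_call(struct bpf_verifier_env *env,
 }
 
 if (func_id == BPF_FUNC_tail_call) {
-struct bpf_verifier_state *branch;
-mark_reg_scratched(env, BPF_REG_0);
-branch = push_stack(env, env->insn_idx + 1, env->insn_idx, false);
-if (IS_ERR(branch))
-return PTR_ERR(branch);
-clear_all_pkt_pointers(env);
-mark_reg_unknown(env, regs, BPF_REG_0);
-err = process_bpf_exit_full(env, do_print_state, false);
-if (err)
-return err;
-else
+if (env->cur_state->curframe) {
+struct bpf_verifier_state *branch;
+mark_reg_scratched(env, BPF_REG_0);
+branch = push_stack(env, env->insn_idx + 1, env->insn_idx, false);
+if (IS_ERR(branch))
+return PTR_ERR(branch);
+clear_all_pkt_pointers(env);
+mark_reg_unknown(env, regs, BPF_REG_0);
+err = prepare_func_exit(env, &env->insn_idx);
+if (err)
+return err;
 env->insn_idx--;
+} else {
+changes_data = false;
+}
 }
 
 if (changes_data)
@@ -19865,9 +19871,6 @@ static int process_bpf_exit_full(struct bpf_verifier_env *env,
 return PROCESS_BPF_EXIT;
 
 if (env->cur_state->curframe) {
-err = bpf_update_live_stack(env);
-if (err)
-return err;
 /* exit from nested function */
 err = prepare_func_exit(env, &env->insn_idx);
 if (err)
@@ -19977,7 +19980,7 @@ static int do_check_insn(struct bpf_verifier_env *env, bool *do_print_state)
 if (!err && is_bpf_throw_kfunc(insn))
 return process_bpf_exit_full(env, do_print_state, true);
 } else {
-err = check_helper_call(env, insn, &env->insn_idx, do_print_state);
+err = check_helper_call(env, insn, &env->insn_idx);
 }
 if (err)
 return err;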
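Review bot: In the `BPF_FUNC_tail_call` block of check_helper_call, the new `else { changes_data = false; }` branch has no comment, yet it decides whether the `if (changes_data)` step right after the block runs for a tail call made from the main frame. Presumably the reasoning is that at frame 0 the verifier only keeps following the fall-through where the tail call did not happen, so packet pointers remain valid; since this gates packet-pointer invalidation, the code should say so, e.g. `/* frame 0: only the failed tail call continues here, packet data is unchanged */`. The subprogram path now calls `prepare_func_exit()` directly instead of `process_bpf_exit_full()`, so whatever the latter does before its `if (env->cur_state->curframe)` branch (not visible in this diff) no longer runs on this path, and `do_print_state` is no longer passed in; it is worth confirming that both are intended. check_helper_call starts and ends outside the hunk.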
