diff options
| author |   Daniel Xu <dxu@dxuuu.xyz> | 2025-01-14 13:28:43 -0700 |
|---|---|---|
| committer |   Alexei Starovoitov <ast@kernel.org> | 2025-01-16 17:51:10 -0800 |
| commit | 8ac412a3361173e3000b16167af3d1f6f90af613 (patch) | |
| tree | 27c3dee9bea00312254e869aa5925d1851cd750f | |
| parent | bpf: verifier: Add missing newline on verbose() call (diff) | |
| download | wireguard-linux-8ac412a3361173e3000b16167af3d1f6f90af613.tar.xz wireguard-linux-8ac412a3361173e3000b16167af3d1f6f90af613.zip | |
bpf: tcp: Mark bpf_load_hdr_opt() arg2 as read-write
MEM_WRITE attribute is defined as: "Non-presence of MEM_WRITE means that
MEM is only being read". bpf_load_hdr_opt() both reads and writes from
its arg2 - void *search_res.
This matters a lot for the next commit where we more precisely track
stack accesses. Without this annotation, the verifier will make false
assumptions about the contents of memory written to by helpers and
possibly prune valid branches.
Fixes: 6fad274f06f0 ("bpf: Add MEM_WRITE attribute")
Acked-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
Link: https://lore.kernel.org/r/730e45f8c39be2a5f3d8c4406cceca9d574cbf14.1736886479.git.dxu@dxuuu.xyz
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to '')
| -rw-r--r-- | net/core/filter.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/core/filter.c b/net/core/filter.c index 21131ec25f24..713d6f454df3 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -7643,7 +7643,7 @@ static const struct bpf_func_proto bpf_sock_ops_load_hdr_opt_proto = { .gpl_only = false, .ret_type = RET_INTEGER, .arg1_type = ARG_PTR_TO_CTX, - .arg2_type = ARG_PTR_TO_MEM, + .arg2_type = ARG_PTR_TO_MEM | MEM_WRITE, .arg3_type = ARG_CONST_SIZE, .arg4_type = ARG_ANYTHING, }; |