• Kumar Kartikeya Dwivedi's avatar
    bpf: Add support for forcing kfunc args to be trusted · 56e948ff
    Kumar Kartikeya Dwivedi authored
    Teach the verifier to detect a new KF_TRUSTED_ARGS kfunc flag, which
    means each pointer argument must be trusted, which we define as a
    pointer that is referenced (has non-zero ref_obj_id) and also needs to
    have its offset unchanged, similar to how release functions expect their
    argument. This allows a kfunc to receive pointer arguments unchanged
    from the result of the acquire kfunc.
    
    This is required to ensure that kfunc that operate on some object only
    work on acquired pointers and not normal PTR_TO_BTF_ID with same type
    which can be obtained by pointer walking. The restrictions applied to
    release arguments also apply to trusted arguments. This implies that
    strict type matching (not deducing type by recursively following members
    at offset) and OBJ_RELEASE offset checks (ensuring they are zero) are
    used for trusted pointer arguments.
    Signed-off-by: default avatarKumar Kartikeya Dwivedi <memxor@gmail.com>
    Link: https://lore.kernel.org/r/20220721134245.2450-5-memxor@gmail.comSigned-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    56e948ff
btf.c 201 KB