Re: [PATCH bpf-next v9 2/4] bpf: Allow trusted pointers to be passed to KF_TRUSTED_ARGS kfuncs
From: Alexei Starovoitov
Date: Sun Nov 20 2022 - 12:28:28 EST
On Sat, Nov 19, 2022 at 11:10:02PM -0600, David Vernet wrote:
> case KF_ARG_PTR_TO_BTF_ID:
> /* Only base_type is checked, further checks are done here */
> - if (reg->type != PTR_TO_BTF_ID &&
> - (!reg2btf_ids[base_type(reg->type)] || type_flag(reg->type))) {
> - verbose(env, "arg#%d expected pointer to btf or socket\n", i);
> + if ((base_type(reg->type) != PTR_TO_BTF_ID ||
> + bpf_type_has_unsafe_modifiers(reg->type)) &&
> + !reg2btf_ids[base_type(reg->type)]) {
> + verbose(env, "arg#%d is %s ", i, reg_type_str(env, reg->type));
> + verbose(env, "expected %s or socket\n",
> + reg_type_str(env, base_type(reg->type) |
> + (type_flag(reg->type) & BPF_REG_TRUSTED_MODIFIERS)));
...
> diff --git a/tools/testing/selftests/bpf/verifier/calls.c b/tools/testing/selftests/bpf/verifier/calls.c
> index 86d6fef2e3b4..3193915c5ee6 100644
> --- a/tools/testing/selftests/bpf/verifier/calls.c
> +++ b/tools/testing/selftests/bpf/verifier/calls.c
> @@ -109,7 +109,7 @@
> },
> .prog_type = BPF_PROG_TYPE_SCHED_CLS,
> .result = REJECT,
> - .errstr = "arg#0 expected pointer to btf or socket",
> + .errstr = "arg#0 is ptr_or_null_ expected ptr_ or socket",
Nice.
I missed the fact that reg_type_str() prints only the type.
We see more verbose prints in print_verifier_state():
verbose(env, "%s", reg_type_str(env, t));
if (base_type(t) == PTR_TO_BTF_ID)
verbose(env, "%s", kernel_type_name(reg->btf, reg->btf_id));
Since reg_type_str() prints into a buffer maybe we can enhance it with
struct name printing too?
Not urgent.
The set looks great. Applied.
There is an odd arm64 failure in bonding test reported by CI, but looks unrelated.