From nobody Sat Feb 7 06:21:20 2026 Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 26DF92836A4 for ; Sun, 18 Jan 2026 08:17:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.171 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768724257; cv=none; b=To8p3Fzy1PlxEKOobjwyiRWftQsGTJAaWgP9JrewpE4zFRH5HfRjGV0myCkrtUfaoeIBmrGjgJM57wrdPzlzOYAFv4PnjFNzPvsAAIUqwd3mHR25Y6keyBomGEO0Cy+aYU7NzkBV32p2D2A1FQXfoKyvYNGnPkxNJmf6lC24c+M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768724257; c=relaxed/simple; bh=unytFKZ8LCGZbWiIqqle1BjuJ9OKga7Krn0YjNtEcU4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=mmfwajxv4Pjur+nWqkk/vyDSLBP58oTI/NLAUW0YkSU46vgSWzzgeHmnOWGdJpJQTwiT9yDj2h+urvFfNT1Op0I1L0ufhN+0OnUuQ2WDKjBGG7PPzzS+6EuTAVZ2tNIleSDKm22Q0oJylNfeiIXeHPvs3RSskAFHtP9ghvm4Xmo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=LT8HcWPT; arc=none smtp.client-ip=209.85.210.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LT8HcWPT" Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-81f4a1a3181so1805559b3a.3 for ; Sun, 18 Jan 2026 00:17:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1768724255; x=1769329055; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=htJmJ2nOl5HS2d4lrmu4G6awIswx3aqJ66sxEqxOU2k=; b=LT8HcWPT5bXV14eQDbR5ZpADYcB04gn6IGQCq4nyl0W5Hdn/8dKzg9pCLSK/5GvtBY 6y02qMyV3dQ2jWNBIuvKp+CjLIQLwhP3uU9fzwAFBNxrgoqYKxMn/1wick1vZjexyuCo T/UfBI2WnLHDpPBfHDn5rSsrYobZKRh5l+eEwh8r6dl5hZYXB6TSPKErke42DIbYjmlp qSvBNz20IXpCiEJECeyzDQchEBxIZ28vN8ff3cXN57RHhodD6y2Y5FXAAVaVIy1KoL4+ jduGOWhZAKNrP1nASDi6ypzQNZOSUVMlqqSfhKRAv63IdghKIWU06TihC9gQ2aOFU9SZ YoAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768724255; x=1769329055; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=htJmJ2nOl5HS2d4lrmu4G6awIswx3aqJ66sxEqxOU2k=; b=n/GTkVZXP2A+l5qzRXe3XkIqreRxfAkMJfrUAGE2Kmv/fP6hitd/n1aFGbNxfqHW8a u61mgf90AThXbaW+HV8fxP0EfN2CUhBAyJ6uprY5k7NRo6+76wVAAAYE8JzqWEhxcoSx 24ZJoDijUlGSG6iX0ZUZvubGiKInVv7S6JchumlMvdj6njcmdDoFg9MlaI3FF1WT1A5D JwSs2ywyN/F0W8B1CRYxiRUe6bOH8txr5zuVmPQoLC4qY+jL1fHt3BW/VvcD29fvSnS+ SwnsBvP9qkmfSsCNfJH4rdN/0knZ4fbfXzTKKf9ht5rFt8ma4l2KYfnCZYOaB/FQYZpx s/qQ== X-Forwarded-Encrypted: i=1; AJvYcCWBsAxVPG96Ya/JaMrybs8ydIwgPOCS4DpsFTvDSlzhdIZtdFiQVJNtJY1CglcJFDOY6iP9HWTMteQ6YGU=@vger.kernel.org X-Gm-Message-State: AOJu0YxwqSa7zs6Koen/YVXN2YXEO/ZBYTjCseI7c318kbE93qRhWviu 1CSbwwo0Jvrfm0u9PGhoNloPhdbva/HipSXi0+8oAyLAcIw5tvxVCiDW X-Gm-Gg: AY/fxX6WhWiJBLkUKHiDbLPhtFwYQ99fCzcvCxn6ZU2rIyH43Xd9iku80NJncd69MHu C4HzNuROozBrtM/PN6QhG4xz1GSZghwhps6cC+dzz9AUe5D7m1oDZNW/olY+QuvWhj2XJmttp0T T9W5vQQOykzl4Y3EDNyzW4pcbhmczzz4mhM3pyjYBjTrr/sCkQBaf0fPQOYNM9LBUKkcaMRozWJ UOIqohGa0+dUs6gqt8KaYnzcKpqVkREq1Hfu5DbZr48PG0XMYf7prXkcjiX7worMCfzkdTMYNfZ /8mkYlg4x07VT7TZlKjUd5WKp1DXEdFwgwj+SNV5hnuKg2yWZyiLbL3LURBma3xNH+007Eaerc9 iH5Lq7sStoFcc//H3wS5unyLUJlZCX9TXvImC5pEqzQjiF1A5lcwdsWyRF4nY2gH9RDX8WVjiiY Sij5FVmX6zMQCkXHqSjMs= X-Received: by 2002:a05:6a21:7001:b0:366:581e:1a11 with SMTP id adf61e73a8af0-38dfe7b7928mr7482687637.57.1768724255185; Sun, 18 Jan 2026 00:17:35 -0800 (PST) Received: from [127.0.0.1] ([38.207.158.11]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-c5edf32d1f1sm5917393a12.22.2026.01.18.00.17.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 18 Jan 2026 00:17:34 -0800 (PST) From: Zesen Liu Date: Sun, 18 Jan 2026 16:16:40 +0800 Subject: [PATCH bpf RESEND v2 2/2] bpf: Require ARG_PTR_TO_MEM with memory flag Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260118-helper_proto-v2-2-ab3a1337e755@gmail.com> References: <20260118-helper_proto-v2-0-ab3a1337e755@gmail.com> In-Reply-To: <20260118-helper_proto-v2-0-ab3a1337e755@gmail.com> To: Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Eduard Zingerman , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Matt Bobrowski , Steven Rostedt , Masami Hiramatsu , Mathieu Desnoyers , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Daniel Xu Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, netdev@vger.kernel.org, Shuran Liu , Peili Gao , Haoran Ni , Zesen Liu X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=openpgp-sha256; l=1786; i=ftyghome@gmail.com; h=from:subject:message-id; bh=unytFKZ8LCGZbWiIqqle1BjuJ9OKga7Krn0YjNtEcU4=; b=kA0DAAoWjB93TexNMocByyZiAGlslwmgYRVZhTO3qL3UsMid+RZOeXbWOpsd0zTWdjPWIO6Ej oh1BAAWCgAdFiEEjfgx3alpNzO2PKDBjB93TexNMocFAmlslwkACgkQjB93TexNMofGegD/bVmx NpxLhZpwcPmfmGiSQe9wtkkYlM/Yn1TmaXKzOsAA/2BlLQ18OzDlgrEM7caUN9DYcUNOzu5Pyqb v0hd78ZcC X-Developer-Key: i=ftyghome@gmail.com; a=openpgp; fpr=8DF831DDA9693733B63CA0C18C1F774DEC4D3287 Add check to ensure that ARG_PTR_TO_MEM is used with either MEM_WRITE or MEM_RDONLY. Using ARG_PTR_TO_MEM alone without tags does not make sense because: - If the helper does not change the argument, missing MEM_RDONLY causes the verifier to incorrectly reject a read-only buffer. - If the helper does change the argument, missing MEM_WRITE causes the verifier to incorrectly assume the memory is unchanged, leading to errors in code optimization. Co-developed-by: Shuran Liu Signed-off-by: Shuran Liu Co-developed-by: Peili Gao Signed-off-by: Peili Gao Co-developed-by: Haoran Ni Signed-off-by: Haoran Ni Signed-off-by: Zesen Liu --- kernel/bpf/verifier.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index f0ca69f888fa..c7ebddb66385 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -10349,10 +10349,27 @@ static bool check_btf_id_ok(const struct bpf_func= _proto *fn) return true; } =20 +static bool check_mem_arg_rw_flag_ok(const struct bpf_func_proto *fn) +{ + int i; + + for (i =3D 0; i < ARRAY_SIZE(fn->arg_type); i++) { + enum bpf_arg_type arg_type =3D fn->arg_type[i]; + + if (base_type(arg_type) !=3D ARG_PTR_TO_MEM) + continue; + if (!(arg_type & (MEM_WRITE | MEM_RDONLY))) + return false; + } + + return true; +} + static int check_func_proto(const struct bpf_func_proto *fn, int func_id) { return check_raw_mode_ok(fn) && check_arg_pair_ok(fn) && + check_mem_arg_rw_flag_ok(fn) && check_btf_id_ok(fn) ? 0 : -EINVAL; } =20 --=20 2.43.0