This rejects BTF-derived global subprog argument sizes that cannot be
represented by the verifier's signed access-size API.

The issue is not a large immediate in the generated BPF instruction stream.
The oversized BTF pointee size wraps the caller-side PTR_TO_STACK argument
check before the callee is verified with the original large mem_size.

Changes in v2:
- Expand the commit message to describe the caller/callee verifier mismatch.
- Keep the existing size expression unchanged after adding the S32_MAX guard,
  as suggested by Yonghong.

Taegu Ha (1):
  bpf: reject overlarge global subprog argument sizes

 kernel/bpf/verifier.c                           |  5 +++++
 .../bpf/progs/verifier_global_subprogs.c        | 17 +++++++++++++++++
 2 files changed, 22 insertions(+)

--
2.43.0