diff options
author | Daniel Borkmann <daniel@iogearbox.net> | 2017-08-11 19:31:25 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-08-12 00:59:24 +0300 |
commit | 2ed46ce45ec02f6b2188419acdf372a144e06fb5 (patch) | |
tree | e73ac37a02171305e0efbaae972b38ef0a998a22 | |
parent | e4dde4127396f0c8f1c2e11b3ecc5baf4f8628bf (diff) | |
download | linux-2ed46ce45ec02f6b2188419acdf372a144e06fb5.tar.xz |
bpf: fix two missing target_size settings in bpf_convert_ctx_access
When CONFIG_NET_SCHED or CONFIG_NET_RX_BUSY_POLL is /not/ set and
we try a narrow __sk_buff load of tc_index or napi_id, respectively,
then verifier rightfully complains that it's misconfigured, because
we need to set target_size in each of the two cases. The rewrite
for the ctx access is just a dummy op, but needs to pass, so fix
this up.
Fixes: f96da09473b5 ("bpf: simplify narrower ctx access")
Reported-by: Shubham Bansal <illusionist.neo@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/core/filter.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/core/filter.c b/net/core/filter.c index f44fc22fd45a..6280a602604c 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -3505,6 +3505,7 @@ static u32 bpf_convert_ctx_access(enum bpf_access_type type, bpf_target_off(struct sk_buff, tc_index, 2, target_size)); #else + *target_size = 2; if (type == BPF_WRITE) *insn++ = BPF_MOV64_REG(si->dst_reg, si->dst_reg); else @@ -3520,6 +3521,7 @@ static u32 bpf_convert_ctx_access(enum bpf_access_type type, *insn++ = BPF_JMP_IMM(BPF_JGE, si->dst_reg, MIN_NAPI_ID, 1); *insn++ = BPF_MOV64_IMM(si->dst_reg, 0); #else + *target_size = 4; *insn++ = BPF_MOV64_IMM(si->dst_reg, 0); #endif break; |