bpf: Check for helper calls in check_subprogs()

The condition src_reg != BPF_PSEUDO_CALL && imm == BPF_FUNC_tail_call may be satisfied by a kfunc call. This would lead to unnecessarily setting has_tail_call. Use src_reg == 0 instead. Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com> Acked-by: Stanislav Fomichev <sdf@google.com> Link: https://lore.kernel.org/r/20230220163756.753713-1-iii@linux.ibm.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
author: Ilya Leoshkevich <iii@linux.ibm.com> 2023-02-20 19:37:56 +0300
committer: Alexei Starovoitov <ast@kernel.org> 2023-02-23 00:08:52 +0300
commit: df2ccc180a2e6f6e4343ebee99dcfab4f8af2816 (patch)
tree: 322f1895b986f7b8d04bc9126c36a678727c2c49
parent: bb035ef0cc91e115faa80187ac8886a7f1914d06 (diff)
download: linux-df2ccc180a2e6f6e4343ebee99dcfab4f8af2816.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 741cb5107536..5cb8b623f639 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -2479,8 +2479,8 @@ static int check_subprogs(struct bpf_verifier_env *env)
 		u8 code = insn[i].code;
 
 		if (code == (BPF_JMP | BPF_CALL) &&
-		    insn[i].imm == BPF_FUNC_tail_call &&
-		    insn[i].src_reg != BPF_PSEUDO_CALL)
+		    insn[i].src_reg == 0 &&
+		    insn[i].imm == BPF_FUNC_tail_call)
 			subprog[cur_subprog].has_tail_call = true;
 		if (BPF_CLASS(code) == BPF_LD &&
 		    (BPF_MODE(code) == BPF_ABS || BPF_MODE(code) == BPF_IND))
author	Ilya Leoshkevich <iii@linux.ibm.com>	2023-02-20 19:37:56 +0300
committer	Alexei Starovoitov <ast@kernel.org>	2023-02-23 00:08:52 +0300
commit	df2ccc180a2e6f6e4343ebee99dcfab4f8af2816 (patch)
tree	322f1895b986f7b8d04bc9126c36a678727c2c49
parent	bb035ef0cc91e115faa80187ac8886a7f1914d06 (diff)
download	linux-df2ccc180a2e6f6e4343ebee99dcfab4f8af2816.tar.xz