Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp377771pxy; Fri, 30 Apr 2021 07:21:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyd/1n1YpZ9kH7PcB0o67C9HBPa/YBnlZYscTWkrS7e7/C0PWaUPO/CS8jkUEcYwViaqm7b X-Received: by 2002:a65:6216:: with SMTP id d22mr4760990pgv.87.1619792500289; Fri, 30 Apr 2021 07:21:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1619792500; cv=none; d=google.com; s=arc-20160816; b=DQNbkbZ3mtyi2gA9OY4IRnY3Ul3sZQldlwmRxRV4DjtTpwjoGoKEJ3QrzCcdNHpLBB UAE3fZVRanTe2ZwBsZwnTxMDFIarcw4gFJp46MThh7/4zZETsyAlcjX8HB3pQ5sobeUa b7nhs00FPah5A50BTZ5CU2gftVZYAc0eEH2U21fVjI9M7k8tEN7li2T7Lu08qpx5mf0f HFZ8wiQ6CFPJvQu25XkW9X4TULvU61Oro4ONn7pwdMEskYGFkR9St6YeVygConpPmaVv NmPAI8mQ73WT8bCqAGkF0mSlfT7OHcEcOuNsbEuEVDBPz0riDYKrWRJPjlmTfD+oB8sh G1Kw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=I/0uEaLbOzJtRhPRUUbwvsw4d6vqUgtnwNL6RNMSAdI=; b=xR+kCklHIrXkaDTPKYhE+C2lWNAXb5erjXrOgYAkyQnKa0tUiVNnq6BZkVD9WdgjNa jVW96H8S7fOT9/ztCXboaLxt9bpLhd06SG0/V6qaI1vkCinIgxPiRl7bRoXl2bNXlh6x 48Duk/3tdrmzQfieYqxDNHrWbIuBPRWWVLGF6aJi7Rv7XZmNLXMCL8hhG7wB5+s5lAlD 36CDvx3PJQ1/OpUS+gm/n9W+P4EURHRUk35qTRCPDVNDjLdw4L2/LxPvACpCacuAAfZc 6mEqWBKIN9U53qw26gYcwVD9xsIii89AEV10ZKGncAdLBkZ+YjYh7+8ZbMFRxp66dusw q5VQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=liAIUpPF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j13si2696477pfa.196.2021.04.30.07.21.24; Fri, 30 Apr 2021 07:21:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=liAIUpPF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232893AbhD3OVb (ORCPT + 99 others); Fri, 30 Apr 2021 10:21:31 -0400 Received: from mail.kernel.org ([198.145.29.99]:57742 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232619AbhD3OVb (ORCPT ); Fri, 30 Apr 2021 10:21:31 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id C316461450; Fri, 30 Apr 2021 14:20:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1619792442; bh=MDwoeJvrh1Z7R2xreywmuPkQRKdfc4Dty9ben5vEXJY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=liAIUpPFf9QTLpP9tnIHvWCm6jdQo2JCugFiFG2CEI3iQHbbu5nWkscuG79OV9/eS CAucLqOw4afzLn0YDD/c+xua5ayZDfyex4bmFPLnEijyfILkqSw9MImolW1ggGyTWB LteitPFptzSsVTSakAZMLRF7xHFi4bJO7mmi34BA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Greg Kroah-Hartman , bpf@vger.kernel.org, Daniel Borkmann , John Fastabend , Alexei Starovoitov , Frank van der Linden Subject: [PATCH 5.4 6/8] bpf: Move sanitize_val_alu out of op switch Date: Fri, 30 Apr 2021 16:20:20 +0200 Message-Id: <20210430141911.368109936@linuxfoundation.org> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210430141911.137473863@linuxfoundation.org> References: <20210430141911.137473863@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Daniel Borkmann commit f528819334881fd622fdadeddb3f7edaed8b7c9b upstream. Add a small sanitize_needed() helper function and move sanitize_val_alu() out of the main opcode switch. In upcoming work, we'll move sanitize_ptr_alu() as well out of its opcode switch so this helps to streamline both. Signed-off-by: Daniel Borkmann Reviewed-by: John Fastabend Acked-by: Alexei Starovoitov [fllinden@amazon.com: backported to 5.4] Signed-off-by: Frank van der Linden Signed-off-by: Greg Kroah-Hartman --- kernel/bpf/verifier.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -4352,6 +4352,11 @@ static int sanitize_val_alu(struct bpf_v return update_alu_sanitation_state(aux, BPF_ALU_NON_POINTER, 0); } +static bool sanitize_needed(u8 opcode) +{ + return opcode == BPF_ADD || opcode == BPF_SUB; +} + static int sanitize_ptr_alu(struct bpf_verifier_env *env, struct bpf_insn *insn, const struct bpf_reg_state *ptr_reg, @@ -4753,11 +4758,14 @@ static int adjust_scalar_min_max_vals(st return 0; } - switch (opcode) { - case BPF_ADD: + if (sanitize_needed(opcode)) { ret = sanitize_val_alu(env, insn); if (ret < 0) return sanitize_err(env, insn, ret, NULL, NULL); + } + + switch (opcode) { + case BPF_ADD: if (signed_add_overflows(dst_reg->smin_value, smin_val) || signed_add_overflows(dst_reg->smax_value, smax_val)) { dst_reg->smin_value = S64_MIN; @@ -4777,9 +4785,6 @@ static int adjust_scalar_min_max_vals(st dst_reg->var_off = tnum_add(dst_reg->var_off, src_reg.var_off); break; case BPF_SUB: - ret = sanitize_val_alu(env, insn); - if (ret < 0) - return sanitize_err(env, insn, ret, NULL, NULL); if (signed_sub_overflows(dst_reg->smin_value, smax_val) || signed_sub_overflows(dst_reg->smax_value, smin_val)) { /* Overflow possible, we know nothing */