Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp2620872pxj; Mon, 31 May 2021 06:45:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw0y7Zv07hauyrPBfUbF27L/LyOR5ksN32gtnsH0NnXRHZlNklZ29wnt5YSOucPN8S/EsZ9 X-Received: by 2002:aa7:ca0d:: with SMTP id y13mr26650218eds.307.1622468709584; Mon, 31 May 2021 06:45:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622468709; cv=none; d=google.com; s=arc-20160816; b=N14OcfyYMmYrlCAFAerqCENhuRr1Cbj6vH9nWRaZDbjSRxlvv7xUmXtu4F85XRErQt u5YnamoRuoYqwrcaGWMOXzVjkMG4Cli+6fycj/zXvaHum0lo++FEJ6bd/FlYnJq4k9sw 7Le1+AhR1RW2iGoPmoRHHdniny0SMI4ku8pRJFYWb+oDUB7Soy5Rz+gWsLH5dhX102HG QBjD0es2UmPuS9GLsdAdcNnATOR1ZwvtNZ5ODWBvzs2wPfDdVW2hmoTlL9Q2RLTtynG/ 7Aca456ddA7zkNcpDBQZE54+TykBIWSjgTexAjWHQNsipzVZZDE7PNLo/k0mU/b24xLU FBOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=YjceVPw3+HAFbTHno4GRyaE14DOItb68wJWNaWwbEhs=; b=Ax9T2Ap21JwySskeokYg1A6JqF4zVspgw/5c1AcD3HoF7ZdK3QC54eNPjuEWCc8dUX uH+OrWwIxGzSw7HtDI4doUAYGqJsbhtipIDwjZIXq0kLQ3QurHPXXvOrEqN7a2k/AFQp 4B4SazyFZ/4PlLLqs9FcfIm07Q6xAeHUrheseB39ttjDIKIo/nsRmClyRW690qvVcHf5 GxbPapG6hzUd/FU2qoJ0OR1/Ch5wTXXG8bhjggJK3tN47qVPwc1gzgyyNKePKinnZfC3 OIiBsNKzptV4KrePVaJ3MkXbdLf7H8wG0ppJMkJk2sobLpVrJM/RryGjgsTg4rKGyKh8 L0/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=snp7xD7q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s14si12825010edd.602.2021.05.31.06.44.45; Mon, 31 May 2021 06:45:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=snp7xD7q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232741AbhEaNpF (ORCPT + 99 others); Mon, 31 May 2021 09:45:05 -0400 Received: from mail.kernel.org ([198.145.29.99]:38982 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231783AbhEaNbN (ORCPT ); Mon, 31 May 2021 09:31:13 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 7F1EE61423; Mon, 31 May 2021 13:23:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1622467403; bh=tWeKI9rmRdr0PTEUBfR6LTALPuFkgRkfD8XHLww8JPM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=snp7xD7qt61Ck1xlWxZyEo5hE3c0jj1p0NcL7YKk24ADsY18KJGA1ioqCirKAj3m0 LfV5i+8yz8H7hcPEzp7d3Gr4wkLvDv0Hasoyj8c0zkxOculdCiBmqHpU6BrNbroDcr AjjXyJQ9U3DaBgfYgce08ee1843hb0ajDqtlnGOA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Greg Kroah-Hartman , Daniel Borkmann , John Fastabend , Alexei Starovoitov , Frank van der Linden , Ovidiu Panait Subject: [PATCH 4.19 052/116] bpf: Move sanitize_val_alu out of op switch Date: Mon, 31 May 2021 15:13:48 +0200 Message-Id: <20210531130641.935700816@linuxfoundation.org> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210531130640.131924542@linuxfoundation.org> References: <20210531130640.131924542@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Daniel Borkmann commit f528819334881fd622fdadeddb3f7edaed8b7c9b upstream. Add a small sanitize_needed() helper function and move sanitize_val_alu() out of the main opcode switch. In upcoming work, we'll move sanitize_ptr_alu() as well out of its opcode switch so this helps to streamline both. Signed-off-by: Daniel Borkmann Reviewed-by: John Fastabend Acked-by: Alexei Starovoitov [fllinden@amazon.com: backported to 5.4] Signed-off-by: Frank van der Linden Signed-off-by: Greg Kroah-Hartman Signed-off-by: Ovidiu Panait Signed-off-by: Greg Kroah-Hartman --- kernel/bpf/verifier.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -2815,6 +2815,11 @@ static int sanitize_val_alu(struct bpf_v return update_alu_sanitation_state(aux, BPF_ALU_NON_POINTER, 0); } +static bool sanitize_needed(u8 opcode) +{ + return opcode == BPF_ADD || opcode == BPF_SUB; +} + static int sanitize_ptr_alu(struct bpf_verifier_env *env, struct bpf_insn *insn, const struct bpf_reg_state *ptr_reg, @@ -3207,11 +3212,14 @@ static int adjust_scalar_min_max_vals(st return 0; } - switch (opcode) { - case BPF_ADD: + if (sanitize_needed(opcode)) { ret = sanitize_val_alu(env, insn); if (ret < 0) return sanitize_err(env, insn, ret, NULL, NULL); + } + + switch (opcode) { + case BPF_ADD: if (signed_add_overflows(dst_reg->smin_value, smin_val) || signed_add_overflows(dst_reg->smax_value, smax_val)) { dst_reg->smin_value = S64_MIN; @@ -3231,9 +3239,6 @@ static int adjust_scalar_min_max_vals(st dst_reg->var_off = tnum_add(dst_reg->var_off, src_reg.var_off); break; case BPF_SUB: - ret = sanitize_val_alu(env, insn); - if (ret < 0) - return sanitize_err(env, insn, ret, NULL, NULL); if (signed_sub_overflows(dst_reg->smin_value, smax_val) || signed_sub_overflows(dst_reg->smax_value, smin_val)) { /* Overflow possible, we know nothing */