From: Yonghong Song <y...@fb.com>

commit e92888c72fbdc6f9d07b3b0604c012e81d7c0da7 upstream.

Currently, tracing/fentry and tracing/fexit prog
return values are not enforced. In trampoline codes,
the fentry/fexit prog return values are ignored.
Let us enforce it to be 0 to avoid confusion and
allows potential future extension.

This patch also explicitly added return value
checking for tracing/raw_tp, tracing/fmod_ret,
and freplace programs such that these program
return values can be anything. The purpose are
two folds:
 1. to make it explicit about return value expectations
    for these programs in verifier.
 2. for tracing prog_type, if a future attach type
    is added, the default is -ENOTSUPP which will
    enforce to specify return value ranges explicitly.

Fixes: fec56f5890d9 ("bpf: Introduce BPF trampoline")
Signed-off-by: Yonghong Song <y...@fb.com>
Signed-off-by: Alexei Starovoitov <a...@kernel.org>
Acked-by: Andrii Nakryiko <andr...@fb.com>
Link: https://lore.kernel.org/bpf/20200514053206.1298415-1-...@fb.com
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
 kernel/bpf/verifier.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 1c53ccbd5b5d..c1bb5be530e9 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -6498,6 +6498,22 @@ static int check_return_code(struct bpf_verifier_env 
*env)
                        return 0;
                range = tnum_const(0);
                break;
+       case BPF_PROG_TYPE_TRACING:
+               switch (env->prog->expected_attach_type) {
+               case BPF_TRACE_FENTRY:
+               case BPF_TRACE_FEXIT:
+                       range = tnum_const(0);
+                       break;
+               case BPF_TRACE_RAW_TP:
+                       return 0;
+               default:
+                       return -ENOTSUPP;
+               }
+               break;
+       case BPF_PROG_TYPE_EXT:
+               /* freplace program can return anything as its return value
+                * depends on the to-be-replaced kernel func or bpf program.
+                */
        default:
                return 0;
        }
-- 
2.25.1

Reply via email to