git.baikalelectronics.ru Git - kernel.git/commit

author	Joe Stringer <joe@wand.net.nz>
	Tue, 2 Oct 2018 20:35:35 +0000 (13:35 -0700)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Wed, 3 Oct 2018 00:53:47 +0000 (02:53 +0200)
commit	8825dfd9e4731ef41a689dd70f75f7b09edec07b
tree	5f5cd39c65ff6f3839c78ce39684da93e1252cf3	tree \| snapshot
parent	155636cb9691004d878790fdbc754be13698a8ea	commit \| diff

bpf: Add reference tracking to verifier

Allow helper functions to acquire a reference and return it into a
register. Specific pointer types such as the PTR_TO_SOCKET will
implicitly represent such a reference. The verifier must ensure that
these references are released exactly once in each path through the
program.

To achieve this, this commit assigns an id to the pointer and tracks it
in the 'bpf_func_state', then when the function or program exits,
verifies that all of the acquired references have been freed. When the
pointer is passed to a function that frees the reference, it is removed
from the 'bpf_func_state` and all existing copies of the pointer in
registers are marked invalid.

Signed-off-by: Joe Stringer <joe@wand.net.nz>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

include/linux/bpf_verifier.h		diff \| blob \| history
kernel/bpf/verifier.c		diff \| blob \| history