函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\bpf\verifier.c Create Date:2022-07-27 14:21:03
Last Modify:2022-05-19 20:02:10 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:bpf_check

函数原型:int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, union bpf_attr __user *uattr)

返回类型:int

参数:

类型参数名称
struct bpf_prog **prog
union bpf_attr *attr
union bpf_attr __user *uattr
9677  start_time等于ktime_get_ns()
9680  ret等于负EINVAL
9684  如果ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(bpf_verifier_ops)恒等于0则返回:负EINVAL
9690  env等于分配内存并置零
9691  如果非env则返回:负ENOMEM
9693  log等于log
9695  len等于 Number of filter blocks
9696  array of per-insn state 等于vzalloc(array_size() - Calculate size of 2-dimensional array.*@a: dimension one*@b: dimension two* Calculates size of 2-dimensional array: @a *@b.* Returns: number of bytes needed to represent the array or SIZE_MAX on* overflow.)
9698  ret等于负ENOMEM
9699  如果非array of per-insn state 则转到:err_free_env
9701 i小于len循环 original instruction index 等于i
9703  BPF program being verified 等于prog
9704  ops等于bpf_verifier_ops[ Type of BPF program ]
9705  is_priv等于操作权限检查
9707  如果非btf_vmlinuxIS_ENABLED(CONFIG_FOO) evaluates to 1 if CONFIG_FOO is set to 'y' or 'm',* 0 otherwise.(CONFIG_DEBUG_INFO_BTF)则
9708  mutex_lock( & bpf_verifier_lock)
9709  如果非btf_vmlinuxbtf_vmlinux等于btf_parse_vmlinux()
9711  mutex_unlock - release the mutex*@lock: the mutex to be released* Unlock a mutex that has been locked by this task previously.* This function must not be used in interrupt context. Unlocking* of a not locked mutex is not allowed.
9715  如果非is_privmutex_lock( & bpf_verifier_lock)
9718  如果 verbosity level of verifier log_buf size of user buffer
9722  level等于 verbosity level of verifier
9723  ubuf等于log_buf
9724  len_total等于 size of user buffer
9726  ret等于负EINVAL
9728  如果len_total小于128或len_total大于UINT_MAX右移2位或非level或非ubuflevel按位与BPF_LOG_MASK的反则转到:err_unlock
9733  如果是错误
9735  verbose(env, "in-kernel BTF is malformed\n")
9736  ret等于错误
9737  转到:skip_full_check
9740  ret等于check_attach_btf_id(env)
9741  如果ret则转到:skip_full_check
9744  perform strict pointer alignment checks 等于非非prog_flags按位与If BPF_F_STRICT_ALIGNMENT is used in BPF_PROG_LOAD command, the* verifier will perform strict alignment checking as if the kernel* has been built with CONFIG_EFFICIENT_UNALIGNED_ACCESS not set,* and NET_IP_ALIGN defined to 2.的值
9745  如果非IS_ENABLED(CONFIG_FOO) evaluates to 1 if CONFIG_FOO is set to 'y' or 'm',* 0 otherwise.(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)则perform strict pointer alignment checks = true
9747  如果prog_flags按位与If BPF_F_ANY_ALIGNMENT is used in BPF_PROF_LOAD command, the* verifier will allow any alignment whatsoever. On platforms* with strict alignment requirements for loads ands stores (such* as sparc and mips) the verifier validates that all loads andperform strict pointer alignment checks = false
9750  allow_ptr_leaks等于is_priv
9752  如果is_privst verifier with different pruning frequency 等于prog_flags按位与The verifier internal test flag. Behavior is undefined
9755  ret等于look for pseudo eBPF instructions that access map FDs and* replace them with actual map pointers
9756  如果ret小于0则转到:skip_full_check
9759  如果bpf_prog_is_dev_bound( Auxiliary fields )则
9760  ret等于bpf_prog_offload_verifier_prep(BPF program being verified )
9761  如果ret则转到:skip_full_check
9765  search pruning optimization 等于kvcalloc(state_htab_size(env), *的长度, GFP_USER)
9768  ret等于负ENOMEM
9769  如果非search pruning optimization 则转到:skip_full_check
9772  ret等于check_subprogs(env)
9773  如果ret小于0则转到:skip_full_check
9776  ret等于check_btf_info(env, attr, uattr)
9777  如果ret小于0则转到:skip_full_check
9780  ret等于-recursive depth-first-search to detect loops in BPF program* loop == back-edge in directed graph
9781  如果ret小于0则转到:skip_full_check
9784  ret等于do_check(env)
9785  如果current verifier state
9786  free_verifier_state(current verifier state , true)
9787  current verifier state = NULL
9790  如果ret恒等于0且bpf_prog_is_dev_bound( Auxiliary fields )则ret等于bpf_prog_offload_finalize(env)
9793  skip_full_check :
9794  当非pop_stack(env, NULL, NULL)循环
9795  free_states(env)
9797  如果ret恒等于0则ret等于starting from main bpf function walk all instructions of the function* and recursively walk all callees that given function can call
9801  如果is_priv
9802  如果ret恒等于0则opt_hard_wire_dead_code_branches(env)
9804  如果ret恒等于0则ret等于opt_remove_dead_code(env)
9806  如果ret恒等于0则ret等于opt_remove_nops(env)
9808  否则
9809  如果ret恒等于0则The verifier does more data flow analysis than llvm and will not* explore branches that are dead at run time. Malicious programs can* have dead code too. Therefore replace all dead at-run-time code* with 'ja -1'.* Just nops are not optimal, e
9813  如果ret恒等于0则ret等于vert load instructions that access fields of a context type into a* sequence of instructions that access fields of the underlying structure:* struct __sk_buff -> struct sk_buff* struct bpf_sock_ops -> struct sock
9817  如果ret恒等于0则ret等于xup insn->imm field of bpf_call instructions* and inline eligible helpers as explicit sequence of BPF instructions* this function is called after eBPF program passed verification
9823  如果ret恒等于0且非bpf_prog_is_dev_bound( Auxiliary fields )则
9824  ret等于opt_subreg_zext_lo32_rnd_hi32(env, attr)
9825  Zero extensions has been inserted by verifier. = Return TRUE if the JIT backend wants verifier to enable sub-register usage* analysis code and wants explicit zero extension inserted by verifier.* Otherwise, return FALSE. ? !ret : false
9829  如果ret恒等于0则ret等于fixup_call_args(env)
9832  al verification time 等于ktime_get_ns()减start_time
9833  print_verification_stats(env)
9835  如果levelbpf_verifier_log_full(log)则ret等于负ENOSPC
9837  如果level且非ubuf
9838  ret等于负EFAULT
9839  转到:err_release_maps
9842  如果ret恒等于0且umber of used maps
9844  used_maps等于分配数组内存
9848  如果非used_maps
9849  ret等于负ENOMEM
9850  转到:err_release_maps
9853  内存复制(used_maps, array of map's used by eBPF program , array of map's used by eBPF program [0]的长度 * umber of used maps )
9855  used_map_cnt等于umber of used maps
9860  vert pseudo BPF_LD_IMM64 into generic BPF_LD_IMM64
9863  如果ret恒等于0则adjust_btf_func(env)
9866  err_release_maps :
9867  如果非used_mapsdrop refcnt of maps used by the rejected program
9872  prog等于BPF program being verified
9873  err_unlock :
9874  如果非is_privmutex_unlock - release the mutex*@lock: the mutex to be released* Unlock a mutex that has been locked by this task previously.* This function must not be used in interrupt context. Unlocking* of a not locked mutex is not allowed.
9876  vfree(array of per-insn state )
9877  err_free_env :
9878  kfree(env)
9879  返回:ret
调用者
名称描述
bpf_prog_load