函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\bpf\verifier.c Create Date:2022-07-27 14:16:28
Last Modify:2022-05-19 20:02:10 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:verify safety of LD_ABS|LD_IND instructions:* - they can only appear in the programs where ctx == skb* - since they are wrappers of function calls, they scratch R1-R5 registers,* preserve R6-R9, and store return value into R0* Implicit input:* ctx == skb

函数原型:static int check_ld_abs(struct bpf_verifier_env *env, struct bpf_insn *insn)

返回类型:int

参数:

类型参数名称
struct bpf_verifier_env *env
struct bpf_insn *insn
6273  regs等于cur_regs(env)
6274  ctx_reg等于BPF_REG_6
6275  mode等于BPF BPF_DW 0x18 64-bit ( opcode )
6278  如果非may_access_skb( Type of BPF program )则
6279  verbose(env, "BPF_LD_[ABS|IND] instructions not allowed for this program type\n")
6280  返回:负EINVAL
6283  如果非gen_ld_abs
6284  verbose(env, "bpf verifier is misconfigured\n")
6285  返回:负EINVAL
6288  如果subprog_cnt大于1则
6296  verbose(env, "BPF_LD_[ABS|IND] instructions cannot be mixed with bpf-to-bpf calls\n")
6297  返回:负EINVAL
6300  如果 dest register 不等于BPF_REG_0 signed offset 不等于0或ld/ldx fields ( opcode )恒等于double word (64-bit) mode恒等于BPF_ABS source register 不等于BPF_REG_0
6303  verbose(env, "BPF_LD_[ABS|IND] uses reserved fields\n")
6304  返回:负EINVAL
6308  err等于check_reg_arg(env, ctx_reg, register is used as source operand )
6309  如果err则返回:err
6316  err等于check_reference_leak(env)
6317  如果err
6318  verbose(env, "BPF_LD_[ABS|IND] cannot be mixed with socket references\n")
6319  返回:err
6322  如果active_spin_lock
6323  verbose(env, "BPF_LD_[ABS|IND] cannot be used inside bpf_spin_lock-ed region\n")
6324  返回:负EINVAL
6327  如果 Ordering of fields matters. See states_equal() 不等于g points to bpf_context
6328  verbose(env, "at the time of BPF_LD_ABS|IND R6 != pointer to skb\n")
6330  返回:负EINVAL
6333  如果mode恒等于BPF_IND
6335  err等于check_reg_arg(env, source register , register is used as source operand )
6336  如果err则返回:err
6340  err等于check_ctx_reg(env, & regs[ctx_reg], ctx_reg)
6341  如果err小于0则返回:err
6345 i小于CALLER_SAVED_REGS循环
6346  mark_reg_not_init(env, regs, caller_saved[i])
6347  check_reg_arg(env, caller_saved[i], DST_OP_NO_MARK)
6354  mark_reg_unknown(env, regs, BPF_REG_0)
6356  Tracks subreg definition. The stored value is the insn_idx of the * writing insn. This is safe because subreg_def is used before any insn * patching which only happens after main verification finished.等于insn_idx加1
6357  返回:0
调用者
名称描述
do_check