Merge tag 'for-netdev' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf (be1236fc) · Commits · EulixOS / Software / Kernel

kernel/bpf/bpf_lsm.c

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -351,8 +351,10 @@ BTF_ID(func, bpf_lsm_bpf_prog_alloc_security)
	BTF_ID(func, bpf_lsm_bpf_prog_free_security)		BTF_ID(func, bpf_lsm_bpf_prog_free_security)
	BTF_ID(func, bpf_lsm_file_alloc_security)		BTF_ID(func, bpf_lsm_file_alloc_security)
	BTF_ID(func, bpf_lsm_file_free_security)		BTF_ID(func, bpf_lsm_file_free_security)
			#ifdef CONFIG_SECURITY_NETWORK
	BTF_ID(func, bpf_lsm_sk_alloc_security)		BTF_ID(func, bpf_lsm_sk_alloc_security)
	BTF_ID(func, bpf_lsm_sk_free_security)		BTF_ID(func, bpf_lsm_sk_free_security)
			#endif /* CONFIG_SECURITY_NETWORK */
	BTF_ID(func, bpf_lsm_task_free)		BTF_ID(func, bpf_lsm_task_free)
	BTF_SET_END(untrusted_lsm_hooks)		BTF_SET_END(untrusted_lsm_hooks)

+8 −1

Original line number	Original line	Diff line number	Diff line
	@@ -11822,10 +11822,17 @@ static int check_cond_jmp_op(struct bpf_verifier_env *env,
	* register B - not null		* register B - not null
	* for JNE A, B, ... - A is not null in the false branch;		* for JNE A, B, ... - A is not null in the false branch;
	* for JEQ A, B, ... - A is not null in the true branch.		* for JEQ A, B, ... - A is not null in the true branch.
			*
			* Since PTR_TO_BTF_ID points to a kernel struct that does
			* not need to be null checked by the BPF program, i.e.,
			* could be null even without PTR_MAYBE_NULL marking, so
			* only propagate nullness when neither reg is that type.
	*/		*/
	if (!is_jmp32 && BPF_SRC(insn->code) == BPF_X &&		if (!is_jmp32 && BPF_SRC(insn->code) == BPF_X &&
	__is_pointer_value(false, src_reg) && __is_pointer_value(false, dst_reg) &&		__is_pointer_value(false, src_reg) && __is_pointer_value(false, dst_reg) &&
	type_may_be_null(src_reg->type) != type_may_be_null(dst_reg->type)) {		type_may_be_null(src_reg->type) != type_may_be_null(dst_reg->type) &&
			base_type(src_reg->type) != PTR_TO_BTF_ID &&
			base_type(dst_reg->type) != PTR_TO_BTF_ID) {
	eq_branch_regs = NULL;		eq_branch_regs = NULL;
	switch (opcode) {		switch (opcode) {
	case BPF_JEQ:		case BPF_JEQ:

+5 −2

Original line number	Original line	Diff line number	Diff line
	@@ -3180,15 +3180,18 @@ static int bpf_skb_generic_push(struct sk_buff *skb, u32 off, u32 len)

	static int bpf_skb_generic_pop(struct sk_buff *skb, u32 off, u32 len)		static int bpf_skb_generic_pop(struct sk_buff *skb, u32 off, u32 len)
	{		{
			void *old_data;

	/* skb_ensure_writable() is not needed here, as we're		/* skb_ensure_writable() is not needed here, as we're
	* already working on an uncloned skb.		* already working on an uncloned skb.
	*/		*/
	if (unlikely(!pskb_may_pull(skb, off + len)))		if (unlikely(!pskb_may_pull(skb, off + len)))
	return -ENOMEM;		return -ENOMEM;

	skb_postpull_rcsum(skb, skb->data + off, len);		old_data = skb->data;
	memmove(skb->data + len, skb->data, off);
	__skb_pull(skb, len);		__skb_pull(skb, len);
			skb_postpull_rcsum(skb, old_data + off, len);
			memmove(skb->data, old_data, off);

	return 0;		return 0;
	}		}

+4 −0

Original line number	Original line	Diff line number	Diff line
	@@ -145,6 +145,10 @@ ifeq ($(feature-llvm),1)
	LLVM_CONFIG_LIB_COMPONENTS := mcdisassembler all-targets		LLVM_CONFIG_LIB_COMPONENTS := mcdisassembler all-targets
	CFLAGS += $(shell $(LLVM_CONFIG) --cflags --libs $(LLVM_CONFIG_LIB_COMPONENTS))		CFLAGS += $(shell $(LLVM_CONFIG) --cflags --libs $(LLVM_CONFIG_LIB_COMPONENTS))
	LIBS += $(shell $(LLVM_CONFIG) --libs $(LLVM_CONFIG_LIB_COMPONENTS))		LIBS += $(shell $(LLVM_CONFIG) --libs $(LLVM_CONFIG_LIB_COMPONENTS))
			ifeq ($(shell $(LLVM_CONFIG) --shared-mode),static)
			LIBS += $(shell $(LLVM_CONFIG) --system-libs $(LLVM_CONFIG_LIB_COMPONENTS))
			LIBS += -lstdc++
			endif
	LDFLAGS += $(shell $(LLVM_CONFIG) --ldflags)		LDFLAGS += $(shell $(LLVM_CONFIG) --ldflags)
	else		else
	# Fall back on libbfd		# Fall back on libbfd

+1 −0