Commit bf384975 authored Jan 28, 2023 by Ilya Leoshkevich Committed by Alexei Starovoitov Jan 28, 2023

bpf: Use ARG_CONST_SIZE_OR_ZERO for 3rd argument of bpf_tcp_raw_gen_syncookie_ipv{4,6}()

These functions already check that th_len < sizeof(*th), and
propagating the lower bound (th_len > 0) may be challenging
in complex code, e.g. as is the case with xdp_synproxy test on
s390x [1]. Switch to ARG_CONST_SIZE_OR_ZERO in order to make the
verifier accept code where it cannot prove that th_len > 0.

[1] https://lore.kernel.org/bpf/CAEf4Bzb3uiSHtUbgVWmkWuJ5Sw1UZd4c_iuS4QXtUkXmTTtXuQ@mail.gmail.com/



Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Link: https://lore.kernel.org/r/20230128000650.1516334-2-iii@linux.ibm.com


Signed-off-by: Alexei Starovoitov <ast@kernel.org>

parent 1d3cab43

net/core/filter.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -7536,7 +7536,7 @@ static const struct bpf_func_proto bpf_tcp_raw_gen_syncookie_ipv4_proto = {
		.arg1_type = ARG_PTR_TO_FIXED_SIZE_MEM,
		.arg1_size = sizeof(struct iphdr),
		.arg2_type = ARG_PTR_TO_MEM,
		.arg3_type = ARG_CONST_SIZE,
		.arg3_type = ARG_CONST_SIZE_OR_ZERO,
		};

		BPF_CALL_3(bpf_tcp_raw_gen_syncookie_ipv6, struct ipv6hdr *, iph,
		@@ -7568,7 +7568,7 @@ static const struct bpf_func_proto bpf_tcp_raw_gen_syncookie_ipv6_proto = {
		.arg1_type = ARG_PTR_TO_FIXED_SIZE_MEM,
		.arg1_size = sizeof(struct ipv6hdr),
		.arg2_type = ARG_PTR_TO_MEM,
		.arg3_type = ARG_CONST_SIZE,
		.arg3_type = ARG_CONST_SIZE_OR_ZERO,
		};

		BPF_CALL_2(bpf_tcp_raw_check_syncookie_ipv4, struct iphdr *, iph,