Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\bpf\verifier.c Create Date:2022-07-28 12:57:13
Last Modify:2022-05-19 20:02:10 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:For given verifier state backtrack_insn() is called from the last insn to* the first insn. Its purpose is to compute a bitmask of registers and* stack slots that needs precision in the parent verifier state.

Proto:static int backtrack_insn(struct bpf_verifier_env *env, int idx, u32 *reg_mask, u64 *stack_mask)

Type:int

Parameter:

TypeParameterName
struct bpf_verifier_env *env
intidx
u32 *reg_mask
u64 *stack_mask
1512  const struct bpf_insn_cbs cbs = {cb_print = verbose, private_data = env, }
1516  insn = insnsi + idx
1517  class = Instruction classes ( opcode )
1518  opcode = alu/jmp fields ( opcode )
1519  mode = BPF BPF_DW 0x18 64-bit ( opcode )
1520  dreg = 1u << dest register
1521  sreg = 1u << source register
1524  If opcode == 0 Then Return 0
1526  If level & BPF_LOG_LEVEL Then
1527  verbose(env, "regs=%x stack=%llx before ", * reg_mask, * stack_mask)
1528  verbose(env, "%d: ", idx)
1529  print_bpf_insn( & cbs, insn, allow_ptr_leaks)
1532  If class == BPF_ALU || class == alu mode in double word width Then
1533  If Not (reg_mask & dreg) Then Return 0
1535  If opcode == mov reg to reg Then
1536  If BPF_SRC( opcode ) == BPF_X Then
1541  reg_mask &= ~dreg
1542  reg_mask |= sreg
1543  Else
1550  reg_mask &= ~dreg
1552  Else
1553  If BPF_SRC( opcode ) == BPF_X Then
1558  reg_mask |= sreg
1563  Else if class == BPF_LDX Then
1564  If Not (reg_mask & dreg) Then Return 0
1566  reg_mask &= ~dreg
1574  If source register != BPF_REG_FP Then Return 0
1576  If ld/ldx fields ( opcode ) != double word (64-bit) Then Return 0
1583  spi = (- signed offset - 1) / size of eBPF register in bytes
1584  If spi >= 64 Then
1585  verbose(env, "BUG spi %d\n", spi)
1586  WARN_ONCE(1, "verifier backtracking bug")
1587  Return -EFAULT
1589  stack_mask |= 1ull << spi
1590  Else if class == BPF_STX || class == BPF_ST Then
1591  If reg_mask & dreg Then Return -Operation is not supported
1598  If dest register != BPF_REG_FP Then Return 0
1600  If ld/ldx fields ( opcode ) != double word (64-bit) Then Return 0
1602  spi = (- signed offset - 1) / size of eBPF register in bytes
1603  If spi >= 64 Then
1604  verbose(env, "BUG spi %d\n", spi)
1605  WARN_ONCE(1, "verifier backtracking bug")
1606  Return -EFAULT
1608  If Not (stack_mask & 1ull << spi ) Then Return 0
1610  stack_mask &= ~(1ull << spi)
1611  If class == BPF_STX Then reg_mask |= sreg
1613  Else if class == BPF_JMP || class == jmp mode in word width Then
1614  If opcode == unction call Then
1615  If source register == when bpf_call->src_reg == BPF_PSEUDO_CALL, bpf_call->imm == pc-relative* offset to another bpf function Then Return -Operation is not supported
1618  reg_mask &= ~1
1619  If reg_mask & 0x3f Then
1623  verbose(env, "BUG regs %x\n", * reg_mask)
1624  WARN_ONCE(1, "verifier backtracking bug")
1625  Return -EFAULT
1627  Else if opcode == unction return Then
1628  Return -Operation is not supported
1630  Else if class == BPF_LD Then
1631  If Not (reg_mask & dreg) Then Return 0
1633  reg_mask &= ~dreg
1638  If mode == BPF_IND || mode == BPF_ABS Then Return -Operation is not supported
1642  Return 0
Caller
NameDescribe
__mark_chain_precision