From 9212bbf98b3fbe9e1a5dafbdbbd764c6e6384c45 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 15 Jan 2024 11:28:47 +0000 Subject: [PATCH] Revert "bpf: Remove unused insn_cnt argument from visit_[func_call_]insn()" This reverts commit 97bb6dab01728e5a5f4eca998efd91bc89403032 which is commit dcb2288b1fd9a8cdf2f3b8c0c7b3763346ef515f upstream. It breaks the Android kernel abi and can be brought back in the future in an abi-safe way if it is really needed. Bug: 161946584 Change-Id: I54a313a185430628b10240a94a96de8353040111 Signed-off-by: Greg Kroah-Hartman
---
 kernel/bpf/verifier.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 8f7ea3be05bb..16f7a13acd54 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -11099,7 +11099,8 @@ static int push_insn(int t, int w, int e, struct bpf_verifier_env *env,
 return DONE_EXPLORING;
 }
 
-static int visit_func_call_insn(int t, struct bpf_insn *insns,
+static int visit_func_call_insn(int t, int insn_cnt,
+ struct bpf_insn *insns,
 struct bpf_verifier_env *env,
 bool visit_callee)
 {
@@ -11130,13 +11131,13 @@ static int visit_func_call_insn(int t, struct bpf_insn *insns,
 * DONE_EXPLORING - the instruction was fully explored
 * KEEP_EXPLORING - there is still work to be done before it is fully explored
 */
-static int visit_insn(int t, struct bpf_verifier_env *env)
+static int visit_insn(int t, int insn_cnt, struct bpf_verifier_env *env)
 {
 struct bpf_insn *insns = env->prog->insnsi;
 int ret;
 
 if (bpf_pseudo_func(insns + t))
- return visit_func_call_insn(t, insns, env, true);
+ return visit_func_call_insn(t, insn_cnt, insns, env, true);
 
 /* All non-branch instructions have a single fall-through edge. */
 if (BPF_CLASS(insns[t].code) != BPF_JMP &&
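Review bot: The restored `int insn_cnt` parameter on `visit_func_call_insn()` has no use in the lines shown, and the reverted commit's own title calls it unused, so the signature now advertises a bound that the CFG walk apparently never consults. A reader could wrongly assume `t` or the call target is range-checked against it. A short comment above the definition would prevent that, for example `/* insn_cnt is not read here; it is kept only to preserve the pre-cleanup signature. */`. The same applies to `visit_insn()` in the next hunk, which in the visible lines only forwards the value. Both function bodies continue outside their hunks, so this should be confirmed against the full file.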
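Review bot: `visit_insn()` is declared `static` on the changed signature line, as is `visit_func_call_insn()` in the previous hunk, so this parameter change is local to verifier.c and would not by itself be expected to alter an exported ABI. Presumably the breakage comes from another change in the same backport series. A comment next to the signature would tell the next person what must be resolved before the cleanup can return, for example `/* insn_cnt restored by revert; see <commit that changes the ABI> before removing it again. */`. Because this file is the BPF verifier, it is also worth checking whether any later verifier fix was written against the post-cleanup signatures, since it would need adjusting to apply on top of this revert.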
@@ -11155,7 +11156,7 @@ static int visit_insn(int t, struct bpf_verifier_env *env)
 * async state will be pushed for further exploration.
 */
 mark_prune_point(env, t);
- return visit_func_call_insn(t, insns, env,
+ return visit_func_call_insn(t, insn_cnt, insns, env,
 insns[t].src_reg == BPF_PSEUDO_CALL);
 
 case BPF_JA:
@@ -11212,7 +11213,7 @@ static int check_cfg(struct bpf_verifier_env *env)
 while (env->cfg.cur_stack > 0) {
 int t = insn_stack[env->cfg.cur_stack - 1];
 
- ret = visit_insn(t, env);
+ ret = visit_insn(t, insn_cnt, env);
 switch (ret) {
 case DONE_EXPLORING:
 insn_state[t] = EXPLORED;