Message ID | 1605009019-22310-1-git-send-email-kaixuxia@tencent.com |
---|---|
State | Superseded |
Headers | show |
Series | bpf: Fix unsigned 'datasec_id' compared with zero in check_pseudo_btf_id | expand |
On 11/10/20, xiakaixu1987@gmail.com <xiakaixu1987@gmail.com> wrote: > From: Kaixu Xia <kaixuxia@tencent.com> > > The unsigned variable datasec_id is assigned a return value from the call > to check_pseudo_btf_id(), which may return negative error code. > > Fixes coccicheck warning: > > ./kernel/bpf/verifier.c:9616:5-15: WARNING: Unsigned expression compared > with zero: datasec_id > 0 > > Reported-by: Tosk Robot <tencent_os_robot@tencent.com> > Signed-off-by: Kaixu Xia <kaixuxia@tencent.com> > --- > kernel/bpf/verifier.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c > index 6200519582a6..e9d8d4309bb4 100644 > --- a/kernel/bpf/verifier.c > +++ b/kernel/bpf/verifier.c > @@ -9572,7 +9572,7 @@ static int check_pseudo_btf_id(struct bpf_verifier_env > *env, > struct bpf_insn *insn, > struct bpf_insn_aux_data *aux) > { > - u32 datasec_id, type, id = insn->imm; > + s32 datasec_id, type, id = insn->imm; but the value is passed as u32 to btf_type_by_id()... btf_find_by_name_kind() returns s32 > const struct btf_var_secinfo *vsi; > const struct btf_type *datasec; > const struct btf_type *t; > -- > 2.20.0 > >
On Tue, Nov 10, 2020 at 3:50 AM <xiakaixu1987@gmail.com> wrote: > > From: Kaixu Xia <kaixuxia@tencent.com> > > The unsigned variable datasec_id is assigned a return value from the call > to check_pseudo_btf_id(), which may return negative error code. > > Fixes coccicheck warning: > > ./kernel/bpf/verifier.c:9616:5-15: WARNING: Unsigned expression compared with zero: datasec_id > 0 > > Reported-by: Tosk Robot <tencent_os_robot@tencent.com> > Signed-off-by: Kaixu Xia <kaixuxia@tencent.com> > --- > kernel/bpf/verifier.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c > index 6200519582a6..e9d8d4309bb4 100644 > --- a/kernel/bpf/verifier.c > +++ b/kernel/bpf/verifier.c > @@ -9572,7 +9572,7 @@ static int check_pseudo_btf_id(struct bpf_verifier_env *env, > struct bpf_insn *insn, > struct bpf_insn_aux_data *aux) > { > - u32 datasec_id, type, id = insn->imm; > + s32 datasec_id, type, id = insn->imm; you are changing types for type and id variables here, so split out datasec_id definition into a separate line > const struct btf_var_secinfo *vsi; > const struct btf_type *datasec; > const struct btf_type *t; > -- > 2.20.0 >
On Tue, Nov 10, 2020 at 5:02 AM Denis Kirjanov <kda@linux-powerpc.org> wrote: > > On 11/10/20, xiakaixu1987@gmail.com <xiakaixu1987@gmail.com> wrote: > > From: Kaixu Xia <kaixuxia@tencent.com> > > > > The unsigned variable datasec_id is assigned a return value from the call > > to check_pseudo_btf_id(), which may return negative error code. > > > > Fixes coccicheck warning: > > > > ./kernel/bpf/verifier.c:9616:5-15: WARNING: Unsigned expression compared > > with zero: datasec_id > 0 > > > > Reported-by: Tosk Robot <tencent_os_robot@tencent.com> > > Signed-off-by: Kaixu Xia <kaixuxia@tencent.com> > > --- > > kernel/bpf/verifier.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c > > index 6200519582a6..e9d8d4309bb4 100644 > > --- a/kernel/bpf/verifier.c > > +++ b/kernel/bpf/verifier.c > > @@ -9572,7 +9572,7 @@ static int check_pseudo_btf_id(struct bpf_verifier_env > > *env, > > struct bpf_insn *insn, > > struct bpf_insn_aux_data *aux) > > { > > - u32 datasec_id, type, id = insn->imm; > > + s32 datasec_id, type, id = insn->imm; > > but the value is passed as u32 to btf_type_by_id()... > > btf_find_by_name_kind() returns s32 Right, valid range of BTF type IDs are >= 0 and (significantly) less than INT_MAX. So s32 is used to signal valid BTF ID or negative error, but all the APIs accepting BTF ID accept it as just u32. > > > > const struct btf_var_secinfo *vsi; > > const struct btf_type *datasec; > > const struct btf_type *t; > > -- > > 2.20.0 > > > >
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 6200519582a6..e9d8d4309bb4 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -9572,7 +9572,7 @@ static int check_pseudo_btf_id(struct bpf_verifier_env *env, struct bpf_insn *insn, struct bpf_insn_aux_data *aux) { - u32 datasec_id, type, id = insn->imm; + s32 datasec_id, type, id = insn->imm; const struct btf_var_secinfo *vsi; const struct btf_type *datasec; const struct btf_type *t;