diff options
author | Daniel Borkmann <daniel@iogearbox.net> | 2017-06-11 00:50:42 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-06-11 01:05:45 +0200 |
commit | 4a2ff55aa4946b036b87572976cbfc6ab244c497 (patch) | |
tree | 85f6b87a60dcb4a9a6460e5dd5ee06a0704af187 /kernel | |
parent | bpf: don't check spilled reg state for non-STACK_SPILLed type slots (diff) | |
download | linux-4a2ff55aa4946b036b87572976cbfc6ab244c497.tar.xz linux-4a2ff55aa4946b036b87572976cbfc6ab244c497.zip |
bpf: reset id on CONST_IMM transition
Whenever we set the register to the type CONST_IMM, we currently don't
reset the id to 0. id member is not used in CONST_IMM case, so don't
let it become stale, where pruning won't be able to match later on.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/bpf/verifier.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index d031b3b0752e..d195d825515a 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -1952,6 +1952,7 @@ static int check_alu_op(struct bpf_verifier_env *env, struct bpf_insn *insn) */ regs[insn->dst_reg].type = CONST_IMM; regs[insn->dst_reg].imm = insn->imm; + regs[insn->dst_reg].id = 0; regs[insn->dst_reg].max_value = insn->imm; regs[insn->dst_reg].min_value = insn->imm; regs[insn->dst_reg].min_align = calc_align(insn->imm); @@ -2409,6 +2410,7 @@ static int check_ld_imm(struct bpf_verifier_env *env, struct bpf_insn *insn) regs[insn->dst_reg].type = CONST_IMM; regs[insn->dst_reg].imm = imm; + regs[insn->dst_reg].id = 0; return 0; } |