From mboxrd@z Thu Jan 1 00:00:00 1970 From: Quentin Monnet Subject: [PATCH iproute2] bpf: initialise map symbol before retrieving and comparing its type Date: Tue, 20 Nov 2018 01:26:27 +0000 Message-ID: <1542677187-25432-1-git-send-email-quentin.monnet@netronome.com> Cc: Yonghong Song , Alexei Starovoitov , Daniel Borkmann , netdev@vger.kernel.org, oss-drivers@netronome.com, Quentin Monnet To: David Ahern , Stephen Hemminger Return-path: Received: from mail-wm1-f65.google.com ([209.85.128.65]:51212 "EHLO mail-wm1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726119AbeKTLxm (ORCPT ); Tue, 20 Nov 2018 06:53:42 -0500 Received: by mail-wm1-f65.google.com with SMTP id w7-v6so548770wmc.1 for ; Mon, 19 Nov 2018 17:27:09 -0800 (PST) Sender: netdev-owner@vger.kernel.org List-ID: In order to compare BPF map symbol type correctly in regard to the latest LLVM, commit 7a04dd84a7f9 ("bpf: check map symbol type properly with newer llvm compiler") compares map symbol type to both NOTYPE and OBJECT. To do so, it first retrieves the type from "sym.st_info" and stores it into a temporary variable. However, the type is collected from the symbol "sym" before this latter symbol is actually updated. gelf_getsym() is called after that and updates "sym", and when comparison with OBJECT or NOTYPE happens it is done on the type of the symbol collected in the previous passage of the loop (or on an uninitialised symbol on the first passage). This may eventually break map collection from the ELF file. Fix this by assigning the type to the temporary variable only after the call to gelf_getsym(). Fixes: 7a04dd84a7f9 ("bpf: check map symbol type properly with newer llvm compiler") Reported-by: Ron Philip Signed-off-by: Quentin Monnet Reviewed-by: Jiong Wang --- lib/bpf.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/bpf.c b/lib/bpf.c index 45f279fa4a41..6aff8f7bad7f 100644 --- a/lib/bpf.c +++ b/lib/bpf.c @@ -1758,11 +1758,12 @@ static const char *bpf_map_fetch_name(struct bpf_elf_ctx *ctx, int which) int i; for (i = 0; i < ctx->sym_num; i++) { - int type = GELF_ST_TYPE(sym.st_info); + int type; if (gelf_getsym(ctx->sym_tab, i, &sym) != &sym) continue; + type = GELF_ST_TYPE(sym.st_info); if (GELF_ST_BIND(sym.st_info) != STB_GLOBAL || (type != STT_NOTYPE && type != STT_OBJECT) || sym.st_shndx != ctx->sec_maps || @@ -1851,11 +1852,12 @@ static int bpf_map_num_sym(struct bpf_elf_ctx *ctx) GElf_Sym sym; for (i = 0; i < ctx->sym_num; i++) { - int type = GELF_ST_TYPE(sym.st_info); + int type; if (gelf_getsym(ctx->sym_tab, i, &sym) != &sym) continue; + type = GELF_ST_TYPE(sym.st_info); if (GELF_ST_BIND(sym.st_info) != STB_GLOBAL || (type != STT_NOTYPE && type != STT_OBJECT) || sym.st_shndx != ctx->sec_maps) @@ -1931,10 +1933,12 @@ static int bpf_map_verify_all_offs(struct bpf_elf_ctx *ctx, int end) * the table again. */ for (i = 0; i < ctx->sym_num; i++) { - int type = GELF_ST_TYPE(sym.st_info); + int type; if (gelf_getsym(ctx->sym_tab, i, &sym) != &sym) continue; + + type = GELF_ST_TYPE(sym.st_info); if (GELF_ST_BIND(sym.st_info) != STB_GLOBAL || (type != STT_NOTYPE && type != STT_OBJECT) || sym.st_shndx != ctx->sec_maps) -- 2.7.4