* [PATCH bpf] bpf: Fix inner map state pruning regression.
@ 2021-11-10 17:25 Alexei Starovoitov
2021-11-12 15:20 ` patchwork-bot+netdevbpf
0 siblings, 1 reply; 2+ messages in thread
From: Alexei Starovoitov @ 2021-11-10 17:25 UTC (permalink / raw)
To: davem; +Cc: daniel, lmb, andrii, netdev, bpf, kernel-team
From: Alexei Starovoitov <ast@kernel.org>
Introduction of map_uid made two lookups from outer map to be distinct.
That distinction is only necessary when inner map has an embedded timer.
Otherwise it will make the verifier state pruning to be conservative
which will cause complex programs to hit 1M insn_processed limit.
Tighten map_uid logic to apply to inner maps with timers only.
Fixes: 3e8ce29850f1 ("bpf: Prevent pointer mismatch in bpf_timer_init.")
Reported-by: Lorenz Bauer <lmb@cloudflare.com>
Tested-by: Lorenz Bauer <lmb@cloudflare.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
---
kernel/bpf/verifier.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 890b3ec375a3..aab7482ed1c3 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -1151,7 +1151,8 @@ static void mark_ptr_not_null_reg(struct bpf_reg_state *reg)
/* transfer reg's id which is unique for every map_lookup_elem
* as UID of the inner map.
*/
- reg->map_uid = reg->id;
+ if (map_value_has_timer(map->inner_map_meta))
+ reg->map_uid = reg->id;
} else if (map->map_type == BPF_MAP_TYPE_XSKMAP) {
reg->type = PTR_TO_XDP_SOCK;
} else if (map->map_type == BPF_MAP_TYPE_SOCKMAP ||
--
2.30.2
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH bpf] bpf: Fix inner map state pruning regression.
2021-11-10 17:25 [PATCH bpf] bpf: Fix inner map state pruning regression Alexei Starovoitov
@ 2021-11-12 15:20 ` patchwork-bot+netdevbpf
0 siblings, 0 replies; 2+ messages in thread
From: patchwork-bot+netdevbpf @ 2021-11-12 15:20 UTC (permalink / raw)
To: Alexei Starovoitov; +Cc: davem, daniel, lmb, andrii, netdev, bpf, kernel-team
Hello:
This patch was applied to bpf/bpf.git (master)
by Daniel Borkmann <daniel@iogearbox.net>:
On Wed, 10 Nov 2021 09:25:56 -0800 you wrote:
> From: Alexei Starovoitov <ast@kernel.org>
>
> Introduction of map_uid made two lookups from outer map to be distinct.
> That distinction is only necessary when inner map has an embedded timer.
> Otherwise it will make the verifier state pruning to be conservative
> which will cause complex programs to hit 1M insn_processed limit.
> Tighten map_uid logic to apply to inner maps with timers only.
>
> [...]
Here is the summary with links:
- [bpf] bpf: Fix inner map state pruning regression.
https://git.kernel.org/bpf/bpf/c/b5634057b30f
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-11-12 15:20 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-11-10 17:25 [PATCH bpf] bpf: Fix inner map state pruning regression Alexei Starovoitov
2021-11-12 15:20 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).