From mboxrd@z Thu Jan 1 00:00:00 1970 From: Yonghong Song Subject: Re: [PATCH bpf] bpf: btf: Fix end boundary calculation for type section Date: Wed, 12 Sep 2018 10:38:46 -0700 Message-ID: <940cccef-1b05-5853-70b0-0421e196c979@fb.com> References: <20180912172911.3609494-1-kafai@fb.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit Cc: Alexei Starovoitov , Daniel Borkmann , To: Martin KaFai Lau , Return-path: Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:42160 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727658AbeILWpr (ORCPT ); Wed, 12 Sep 2018 18:45:47 -0400 In-Reply-To: <20180912172911.3609494-1-kafai@fb.com> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 9/12/18 10:29 AM, Martin KaFai Lau wrote: > The end boundary math for type section is incorrect in > btf_check_all_metas(). It just happens that hdr->type_off > is always 0 for now because there are only two sections > (type and string) and string section must be at the end (ensured > in btf_parse_str_sec). > > However, type_off may not be 0 if a new section would be added later. > This patch fixes it. > > Fixes: f80442a4cd18 ("bpf: btf: Change how section is supported in btf_header") > Reported-by: Dmitry Vyukov > Signed-off-by: Martin KaFai Lau Acked-by: Yonghong Song > --- > kernel/bpf/btf.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c > index 2590700237c1..138f0302692e 100644 > --- a/kernel/bpf/btf.c > +++ b/kernel/bpf/btf.c > @@ -1844,7 +1844,7 @@ static int btf_check_all_metas(struct btf_verifier_env *env) > > hdr = &btf->hdr; > cur = btf->nohdr_data + hdr->type_off; > - end = btf->nohdr_data + hdr->type_len; > + end = cur + hdr->type_len; > > env->log_type_id = 1; > while (cur < end) { >
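
Review bot: On the changed line `end = cur + hdr->type_len;`, nothing in the visible context shows that `hdr->type_off + hdr->type_len` has been checked against the size of `nohdr_data` before this pointer arithmetic, and `while (cur < end)` now depends on that sum instead of on `type_len` alone. The new form is consistent with how `cur` is computed on the line above. With the old form and a non-zero `type_off`, the loop would have stopped `type_off` bytes short of the real end of the type section. Please confirm that the header is validated before btf_check_all_metas() runs, and consider a one-line comment above the `end` assignment naming where that guarantee comes from, since the commit message only mentions the string-section check in btf_parse_str_sec.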