bpf: mark relevant stack slots scratched for register read instructions

When handling instructions that read register slots, mark relevant stack slots as scratched so that verifier log would contain those slots' states, in addition to currently emitted registers with stack slot offsets. Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Link: https://lore.kernel.org/r/20230505043317.3629845-3-andrii@kernel.org Signed-off-by: Alexei Starovoitov <ast@kernel.org>
author: Andrii Nakryiko <andrii@kernel.org> 2023-05-04 21:33:09 -0700
committer: Alexei Starovoitov <ast@kernel.org> 2023-05-04 22:35:34 -0700
commit: e0bf462276b6ee23203365eacb5c599f42a5a084 (patch)
tree: ba32252196d0584abb71a6ba53eca5e3968d2e30
parent: 5956f3011604f03be073cba0fbe5f399b4d779ec (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index ff4a8ab99f08..da8a5834f2ca 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -4109,6 +4109,7 @@ static void mark_reg_stack_read(struct bpf_verifier_env *env,
 	for (i = min_off; i < max_off; i++) {
 		slot = -i - 1;
 		spi = slot / BPF_REG_SIZE;
+		mark_stack_slot_scratched(env, spi);
 		stype = ptr_state->stack[spi].slot_type;
 		if (stype[slot % BPF_REG_SIZE] != STACK_ZERO)
 			break;
@@ -4160,6 +4161,8 @@ static int check_stack_read_fixed_off(struct bpf_verifier_env *env,
 	stype = reg_state->stack[spi].slot_type;
 	reg = &reg_state->stack[spi].spilled_ptr;
 
+	mark_stack_slot_scratched(env, spi);
+
 	if (is_spilled_reg(&reg_state->stack[spi])) {
 		u8 spill_size = 1;
author	Andrii Nakryiko <andrii@kernel.org>	2023-05-04 21:33:09 -0700
committer	Alexei Starovoitov <ast@kernel.org>	2023-05-04 22:35:34 -0700
commit	e0bf462276b6ee23203365eacb5c599f42a5a084 (patch)
tree	ba32252196d0584abb71a6ba53eca5e3968d2e30
parent	5956f3011604f03be073cba0fbe5f399b4d779ec (diff)