diff options
| author | Maciej Fijalkowski <maciej.fijalkowski@intel.com> | 2020-09-16 23:10:07 +0200 |
|---|---|---|
| committer | Alexei Starovoitov <ast@kernel.org> | 2020-09-17 19:19:20 -0700 |
| commit | 7f6e4312e15a5c370e84eaa685879b6bdcc717e4 (patch) | |
| tree | 1fb4e72fb739c21f5d4165d9d175a5a960b9e520 /include/linux/bpf_verifier.h | |
| parent | cf71b174d3464c7dc22f86f25d629a8d9d5c3519 (diff) | |
| download | linux-7f6e4312e15a5c370e84eaa685879b6bdcc717e4.tar.gz linux-7f6e4312e15a5c370e84eaa685879b6bdcc717e4.tar.bz2 linux-7f6e4312e15a5c370e84eaa685879b6bdcc717e4.zip | |
bpf: Limit caller's stack depth 256 for subprogs with tailcalls
Protect against potential stack overflow that might happen when bpf2bpf
calls get combined with tailcalls. Limit the caller's stack depth for
such case down to 256 so that the worst case scenario would result in 8k
stack size (32 which is tailcall limit * 256 = 8k).
Suggested-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'include/linux/bpf_verifier.h')
| -rw-r--r-- | include/linux/bpf_verifier.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index 53c7bd568c5d..5026b75db972 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -358,6 +358,7 @@ struct bpf_subprog_info { u32 start; /* insn idx of function entry point */ u32 linfo_idx; /* The idx to the main_prog->aux->linfo */ u16 stack_depth; /* max. stack depth used by this function */ + bool has_tail_call; }; /* single container for all structs |