• Home
  • Raw
  • Download

Lines Matching refs:insn_idx

171 	int insn_idx;  member
867 static int acquire_reference_state(struct bpf_verifier_env *env, int insn_idx)  in acquire_reference_state()  argument
878 	state->refs[new_ofs].insn_idx = insn_idx;  in acquire_reference_state()
1009 		     int *insn_idx, bool pop_log)  in pop_stack()  argument
1025 	if (insn_idx)  in pop_stack()
1026 		*insn_idx = head->insn_idx;  in pop_stack()
1038 					     int insn_idx, int prev_insn_idx,  in push_stack()  argument
1049 	elem->insn_idx = insn_idx;  in push_stack()
1540 						int insn_idx, int prev_insn_idx,  in push_async_cb()  argument
1550 	elem->insn_idx = insn_idx;  in push_async_cb()
2075 	struct bpf_insn *insn = env->prog->insnsi + env->insn_idx;  in check_reg_arg()
2108 		reg->subreg_def = rw64 ? DEF_NOT_SUBREG : env->insn_idx + 1;  in check_reg_arg()
2126 	p[cnt - 1].idx = env->insn_idx;  in push_jmp_history()
2532 	int last_idx = env->insn_idx;  in __mark_chain_precision()
2832 				       int insn_idx)  in check_stack_write_fixed_off()  argument
2836 	struct bpf_insn *insn = &env->prog->insnsi[insn_idx];  in check_stack_write_fixed_off()
2869 			env->insn_aux_data[insn_idx].sanitize_stack_spill = true;  in check_stack_write_fixed_off()
2899 			verbose_linfo(env, insn_idx, "; ");  in check_stack_write_fixed_off()
2970 				     int value_regno, int insn_idx)  in check_stack_write_var_off()  argument
3018 				insn_idx, i);  in check_stack_write_var_off()
3041 					insn_idx, i);  in check_stack_write_var_off()
3136 				verbose_linfo(env, env->insn_idx, "; ");  in check_stack_read_fixed_off()
3327 			     int value_regno, int insn_idx)  in check_stack_write()  argument
3336 						  value_regno, insn_idx);  in check_stack_write()
3343 						value_regno, insn_idx);  in check_stack_write()
3598 static int check_ctx_access(struct bpf_verifier_env *env, int insn_idx, int off, int size,  in check_ctx_access()  argument
3622 			env->insn_aux_data[insn_idx].ctx_field_size = info.ctx_field_size;  in check_ctx_access()
3646 static int check_sock_access(struct bpf_verifier_env *env, int insn_idx,  in check_sock_access()  argument
3680 		env->insn_aux_data[insn_idx].ctx_field_size =  in check_sock_access()
4345 static int check_mem_access(struct bpf_verifier_env *env, int insn_idx, u32 regno,  in check_mem_access()  argument
4449 		err = check_ctx_access(env, insn_idx, off, size, t, &reg_type, &btf, &btf_id);  in check_mem_access()
4451 			verbose_linfo(env, insn_idx, "; ");  in check_mem_access()
4494 						value_regno, insn_idx);  in check_mem_access()
4526 		err = check_sock_access(env, insn_idx, regno, off, size, t);  in check_mem_access()
4576 static int check_atomic(struct bpf_verifier_env *env, int insn_idx, struct bpf_insn *insn)  in check_atomic()  argument
4662 	err = check_mem_access(env, insn_idx, insn->dst_reg, insn->off,  in check_atomic()
4665 		err = check_mem_access(env, insn_idx, insn->dst_reg, insn->off,  in check_atomic()
4672 	err = check_mem_access(env, insn_idx, insn->dst_reg, insn->off,  in check_atomic()
5959 				   int insn_idx);
5963 			    struct bpf_func_state *callee, int insn_idx);
5966 			     int *insn_idx, int subprog,  in __check_func_call()  argument
6033 					 *insn_idx, subprog);  in __check_func_call()
6040 		err = set_callee_state_cb(env, caller, callee, *insn_idx);  in __check_func_call()
6062 			*insn_idx /* callsite */,  in __check_func_call()
6071 	err = set_callee_state_cb(env, caller, callee, *insn_idx);  in __check_func_call()
6081 	*insn_idx = env->subprog_info[subprog].start - 1;  in __check_func_call()
6126 			    struct bpf_func_state *callee, int insn_idx)  in set_callee_state()  argument
6139 			   int *insn_idx)  in check_func_call()  argument
6143 	target_insn = *insn_idx + insn->imm + 1;  in check_func_call()
6151 	return __check_func_call(env, insn, insn_idx, subprog, set_callee_state);  in check_func_call()
6157 				       int insn_idx)  in set_map_elem_callback_state()  argument
6159 	struct bpf_insn_aux_data *insn_aux = &env->insn_aux_data[insn_idx];  in set_map_elem_callback_state()
6186 				    int insn_idx)  in set_timer_callback_state()  argument
6212 static int prepare_func_exit(struct bpf_verifier_env *env, int *insn_idx)  in prepare_func_exit()  argument
6269 	*insn_idx = callee->callsite + 1;  in prepare_func_exit()
6273 		verbose(env, "to caller at %d:\n", *insn_idx);  in prepare_func_exit()
6305 		int func_id, int insn_idx)  in record_func_map()  argument
6307 	struct bpf_insn_aux_data *aux = &env->insn_aux_data[insn_idx];  in record_func_map()
6350 		int func_id, int insn_idx)  in record_func_key()  argument
6352 	struct bpf_insn_aux_data *aux = &env->insn_aux_data[insn_idx];  in record_func_key()
6398 			state->refs[i].id, state->refs[i].insn_idx);  in check_reference_leak()
6473 	int insn_idx = *insn_idx_p;  in check_helper_call()  local
6530 	err = record_func_map(env, &meta, func_id, insn_idx);  in check_helper_call()
6534 	err = record_func_key(env, &meta, func_id, insn_idx);  in check_helper_call()
6542 		err = check_mem_access(env, insn_idx, meta.regno, i, BPF_B,  in check_helper_call()
6705 		int id = acquire_reference_state(env, insn_idx);  in check_helper_call()
6767 			DEF_NOT_SUBREG : env->insn_idx + 1;  in mark_btf_func_reg_size()
6924 	return &env->insn_aux_data[env->insn_idx];  in cur_aux()
7120 	ret = sanitize_speculative_path(env, NULL, env->insn_idx + 1,  in sanitize_ptr_alu()
7121 					env->insn_idx);  in sanitize_ptr_alu()
7137 		env->insn_aux_data[env->insn_idx].seen = env->pass_cnt;  in sanitize_mark_insn_seen()
8396 					dst_reg->subreg_def = env->insn_idx + 1;  in check_alu_op()
9190 			     struct bpf_insn *insn, int *insn_idx)  in check_cond_jmp_op()  argument
9278 		    !sanitize_speculative_path(env, insn, *insn_idx + 1,  in check_cond_jmp_op()
9279 					       *insn_idx))  in check_cond_jmp_op()
9281 		*insn_idx += insn->off;  in check_cond_jmp_op()
9290 					       *insn_idx + insn->off + 1,  in check_cond_jmp_op()
9291 					       *insn_idx))  in check_cond_jmp_op()
9296 	other_branch = push_stack(env, *insn_idx + insn->off + 1, *insn_idx,  in check_cond_jmp_op()
9439 					     env->insn_idx + insn->imm + 1);  in check_ld_imm()
9575 	regs[BPF_REG_0].subreg_def = env->insn_idx + 1;  in check_ld_abs()
10439 		if (sl->state.insn_idx != insn ||  in clean_live_states()
10860 static int is_state_visited(struct bpf_verifier_env *env, int insn_idx)  in is_state_visited()  argument
10869 	if (!env->insn_aux_data[insn_idx].prune_point)  in is_state_visited()
10887 	pprev = explored_state(env, insn_idx);  in is_state_visited()
10890 	clean_live_states(env, insn_idx, cur);  in is_state_visited()
10894 		if (sl->state.insn_idx != insn_idx)  in is_state_visited()
10915 				verbose_linfo(env, insn_idx, "; ");  in is_state_visited()
10916 				verbose(env, "infinite loop detected at insn %d\n", insn_idx);  in is_state_visited()
11043 	new->insn_idx = insn_idx;  in is_state_visited()
11045 		  "BUG is_state_visited:branches_to_explore=%d insn %d\n", new->branches, insn_idx);  in is_state_visited()
11048 	cur->first_insn_idx = insn_idx;  in is_state_visited()
11050 	new_sl->next = *explored_state(env, insn_idx);  in is_state_visited()
11051 	*explored_state(env, insn_idx) = new_sl;  in is_state_visited()
11136 		if (env->insn_idx >= insn_cnt) {  in do_check()
11138 				env->insn_idx, insn_cnt);  in do_check()
11142 		insn = &insns[env->insn_idx];  in do_check()
11152 		err = is_state_visited(env, env->insn_idx);  in do_check()
11160 						env->prev_insn_idx, env->insn_idx,  in do_check()
11164 					verbose(env, "%d: safe\n", env->insn_idx);  in do_check()
11178 				verbose(env, "%d:", env->insn_idx);  in do_check()
11181 					env->prev_insn_idx, env->insn_idx,  in do_check()
11195 			verbose_linfo(env, env->insn_idx, "; ");  in do_check()
11196 			verbose(env, "%d: ", env->insn_idx);  in do_check()
11201 			err = bpf_prog_offload_verify_insn(env, env->insn_idx,  in do_check()
11209 		prev_insn_idx = env->insn_idx;  in do_check()
11235 			err = check_mem_access(env, env->insn_idx, insn->src_reg,  in do_check()
11241 			prev_src_type = &env->insn_aux_data[env->insn_idx].ptr_type;  in do_check()
11266 				err = check_atomic(env, env->insn_idx, insn);  in do_check()
11269 				env->insn_idx++;  in do_check()
11290 			err = check_mem_access(env, env->insn_idx, insn->dst_reg,  in do_check()
11296 			prev_dst_type = &env->insn_aux_data[env->insn_idx].ptr_type;  in do_check()
11324 			err = check_mem_access(env, env->insn_idx, insn->dst_reg,  in do_check()
11353 					err = check_func_call(env, insn, &env->insn_idx);  in do_check()
11357 					err = check_helper_call(env, insn, &env->insn_idx);  in do_check()
11370 				env->insn_idx += insn->off + 1;  in do_check()
11400 					err = prepare_func_exit(env, &env->insn_idx);  in do_check()
11413 						&env->insn_idx, pop_log);  in do_check()
11423 				err = check_cond_jmp_op(env, insn, &env->insn_idx);  in do_check()
11440 				env->insn_idx++;  in do_check()
11451 		env->insn_idx++;  in do_check()
12030 		if (desc->insn_idx <= off)  in adjust_poke_descs()
12032 		desc->insn_idx += len - 1;  in adjust_poke_descs()
12699 			if (poke->insn_idx < subprog_end &&  in jit_subprogs()
12700 			    poke->insn_idx >= subprog_start)  in jit_subprogs()
13092 					.insn_idx = i + delta,  in do_misc_fixups()
13477 		env->insn_idx = env->subprog_info[i].start;  in do_check_subprogs()
13478 		WARN_ON_ONCE(env->insn_idx == 0);  in do_check_subprogs()
13495 	env->insn_idx = 0;  in do_check_main()